General

  • Target

    JaffaCakes118_bfaeb628eb811839395ca7bf5ef866a5

  • Size

    2.4MB

  • MD5

    bfaeb628eb811839395ca7bf5ef866a5

  • SHA1

    0146e8ec67756f5ec6d349dc6ac6a1633f360341

  • SHA256

    17c184859f0ba6c44db4b486aeb091ad2dae5f6078816a9b03bc71ad78d97d41

  • SHA512

    cc19310cedebb89891bda9e29b85b6196eee6f50897c73e32d1b4f4b3a0c057fee7363e713e3514eac9eeab1e02b441817ea9ce49169d123db46e7c47f83ca1e

  • SSDEEP

    49152:33j638rQukLXGqRYv+RlbImz4vX9f+pRLftA4n5JxJutIp0C+TYfuosy7WVYpVJe:3KJ3RSmzIX9W/LftT5Jx4IpOTYfuosyM

Score
10/10

Malware Config

Signatures

  • Detecting the common Go functions and variables names used by Snatch ransomware 1 IoCs
  • Snatch family
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_bfaeb628eb811839395ca7bf5ef866a5
    .exe windows:6 windows x64 arch:x64



  • out.upx
    .exe windows:6 windows x64 arch:x64

