Overview

overview

7

Static

static

3

baiducb5.exe

windows7-x64

7

baiducb5.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/bdtm...ll.dll

windows7-x64

1

$TEMP/bdtm...ll.dll

windows10-2004-x64

3

baidubar.dll

windows7-x64

7

baidubar.dll

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    e8f1aa43975b77dd3cb899d95d007116_JaffaCakes118

  • Size

    511KB

  • MD5

    e8f1aa43975b77dd3cb899d95d007116

  • SHA1

    9ca934d558b8ecce923e90c42fdaa8e7a9253f39

  • SHA256

    dd392dc79be8be88a60cfe7d4fb9b8e79680af93e3731450290e112f8de93728

  • SHA512

    d70e8327f044229bb43c6a57745a3e39bcf7df76222c6beb0c9a8f8f97a4137804dec0900eb6f99977f99c1473ddee481bf42400c55d3e82f4a6151ac4428624

  • SSDEEP

    12288:yKa8z8xxQr2uFHIe/fSx/WimzgBQHLdgNtOI:y/EwyrQe/fM/lmE0dStOI

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • e8f1aa43975b77dd3cb899d95d007116_JaffaCakes118
    .rar
  • baiducb5.exe
    .exe windows:4 windows x86 arch:x86

    1bed3305885b0ca596d9cbba22baf78a


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    9d433976e02d79532f0d635ee81d0b20


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PROGRAM_FILES/Baidu/bar/Buttons/custom.xml
    .xml
  • $TEMP/bdtmp/InstDll.dll
    .dll windows:4 windows x86 arch:x86

    e44f82ce77eec687f2bd1fd452dd3940


    Headers

    Imports

    Exports

    Sections

  • BaiduBar.dat
  • baidubar.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    14dd304fe5b147e8ad61fe9c67382bce


    Headers

    Imports

    Exports

    Sections

  • img/imglist.bmp
  • img/logo.bmp
  • 新云软件.url
    .url