General

  • Target

    ea5209468b3dc2a9f24010a7c75cc019_JaffaCakes118

  • Size

    339KB

  • MD5

    ea5209468b3dc2a9f24010a7c75cc019

  • SHA1

    36a2de5fe8379b77d520fb4f5d35d133e27eb68c

  • SHA256

    051f6581fe2e82e5e0a8c7d387b75aa51911af1560570dca42bb7470d524ad1b

  • SHA512

    d2df513a0da3d083e62bb17dbc5c189b835e630c1c2597f2db3cfe443a3d49ae61a6f5ecfbd6ed480f9c72ebb059724c8eb99bebf82865dc241a95dcda117f85

  • SSDEEP

    6144:9bUTp1WPeryXlpnt8Q+KaVM+eB6KEzRa3pPBkNn95huX6V7RnXh49Kj:9IRryXznt87zQcbR1Z9TuX6HX0Kj

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ea5209468b3dc2a9f24010a7c75cc019_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898



  • $PLUGINSDIR/01_1434665502474.bmp
  • $PLUGINSDIR/05_1434665515650.bmp
  • $PLUGINSDIR/Declinebutton-new-for-MIP_1435270067931.bmp
  • $PLUGINSDIR/Install_ENG_1435269796949.bmp
  • $PLUGINSDIR/Oops_1435269741269.bmp
  • $PLUGINSDIR/RF_1434665551853.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/TBC.dll
    .dll windows:5 windows x86 arch:x86

    b849bbef6db4bd5d3c2ee3dae22cc540



  • $PLUGINSDIR/cancel_english_mip_1435269791906.bmp
  • $PLUGINSDIR/cleanup_ENG_140x36_1435270062526.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    58da96f4c774d946620f1d9e7be93b20



  • $PLUGINSDIR/t8bprtct.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    95cf83a10236a8bd2ce8b632973eb995

