General

  • Target

    eda23d80eb7a1631945f9827632fddd9_JaffaCakes118

  • Size

    4.4MB

  • MD5

    eda23d80eb7a1631945f9827632fddd9

  • SHA1

    74a9a5c228750e36908bd989dffa11195dacfb75

  • SHA256

    3b1f44bde8eacc7647d073c17f946f1465da8a2c4fd3029806f76b86aa52f797

  • SHA512

    d5075f67cdd0de1c410c251906beab0f1dc28c28375a92b2ef9a482e455c859f6727c8fa429dbc0b41f313bff51178a8bcdb8fc7cb1e2672ac7fe0e8ab63628d

  • SSDEEP

    98304:YHf19aSEJWqGUN96VHmmDlRWyVVDh7YgKzUyDSYehtMiPXSUi:YHf19aSE0qV2GavWyVg5UYehrXe

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • eda23d80eb7a1631945f9827632fddd9_JaffaCakes118
    .rar
  • RemindBookV4.3_XP.exe
    .exe windows:4 windows x86 arch:x86

    73b73e00f465fa1a2a3bf6377a40219b

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • CheckUpdate.exe
    .exe windows:4 windows x86 arch:x86

  • Holidays.dat
  • NumberClock/Number/Һ.bmp
  • NumberClock/Number/.bmp
  • NumberClock/Number/ۺ.bmp
  • NumberClock/Number/ư.bmp
  • NumberClock/Number/Ұ.bmp
  • NumberClock/Number/ۻ.bmp
  • NumberClock/Number/.bmp
  • NumberClock/Number/.bmp
  • NumberClock/NumberClock.ini
  • NumberClock/Skin/ʷū.bmp
  • NumberClock/Skin/ʷū.ini
  • NumberClock/Skin/СŮ.bmp
  • NumberClock/Skin/СŮ.ini
  • NumberClock/Skin/ѩ.bmp
  • NumberClock/Skin/ѩ.ini
  • NumberClock/Skin/ѩ1.bmp
  • NumberClock/Skin/ѩ1.ini
  • NumberClock/Skin/ѩ2.bmp
  • NumberClock/Skin/ѩ2.ini
  • NumberClock/Skin/Ͳ.bmp
  • NumberClock/Skin/Ͳ.ini
  • NumberClock/Skin/.bmp
  • NumberClock/Skin/.ini
  • NumberClock/Skin/.bmp
  • NumberClock/Skin/.ini
  • NumberClock/Skin/.bmp
  • NumberClock/Skin/.ini
  • NumberClock/Skin/Ѽ.bmp
  • NumberClock/Skin/Ѽ.ini
  • NumberClock/Skin/ż.bmp
  • NumberClock/Skin/ż.ini
  • NumberClock/Skin/Ƥ.bmp
  • NumberClock/Skin/Ƥ.ini
  • NumberClock/Skin/ޱ.bmp
  • NumberClock/Skin/ޱ.ini
  • NumberClock/Skin/ͷ.bmp
  • NumberClock/Skin/ͷ.ini
  • Plugins/QQCityCode.dat
  • Plugins/Weather/QQ.dsf
  • Plugins/Weather/QQ.ini
  • Plugins/Weather/WeatherCn.dsf
  • Plugins/Weather/WeatherCn.ini
  • Plugins/Weather/WeatherMycaca.dsf
  • Plugins/Weather/WeatherMycaca.ini
  • Plugins/Weather/WeatherOnline.dsf
  • Plugins/Weather/WeatherOnline.ini
  • Plugins/Weather/Weathercomcn.dsf
  • Plugins/Weather/Weathercomcn.ini
  • Plugins/Weather/nmcgovcn.dsf
  • Plugins/Weather/nmcgovcn.ini
  • Plugins/WeatherCityCode.ini
  • Plugins/WeatherComCityCode.dat
  • RemindBook.chm
    .chm
  • RemindBook.exe
    .exe windows:4 windows x86 arch:x86

  • Res/Action_Win_Flat/ALL CAPS!!!.png
    .png
  • Res/Action_Win_Flat/Beatnik.png
    .png
  • Res/Action_Win_Flat/MacZealot.png
    .png
  • Res/Action_Win_Flat/Nemo.png
    .png
  • Res/Action_Win_Flat/Scooby.png
    .png
  • Res/Action_Win_Flat/Thumbs.db
  • Res/Action_Win_Flat/ʥ.bmp
  • Res/Action_Win_Flat/ʷŬ.png
    .png
  • Res/Action_Win_Flat/Сʹ1.gif
    .gif
  • Res/Action_Win_Flat/Сʹ2.gif
    .gif
  • Res/Action_Win_Flat/.bmp
  • Res/Action_Win_Flat/.bmp
  • Res/Action_Win_Flat/С01.gif
    .gif
  • Res/Action_Win_Flat/.png
    .png
  • Res/Action_Win_MagicFlash/ѩ01.ini
  • Res/Action_Win_MagicFlash/ѩ01.swf
  • Res/Action_Win_MagicFlash/ѩ02.ini
  • Res/Action_Win_MagicFlash/ѩ02.swf
  • Res/Action_Win_MagicFlash/Ԫ.ini
  • Res/Action_Win_MagicFlash/Ԫ.swf
  • Res/Action_Win_MagicFlash/óԷ.ini
  • Res/Action_Win_MagicFlash/óԷ.swf
  • Res/Action_Win_MagicFlash/Ϣһ01.ini
  • Res/Action_Win_MagicFlash/Ϣһ01.swf
  • Res/Action_Win_MagicFlash/Ϣһ02.ini
  • Res/Action_Win_MagicFlash/Ϣһ02.swf
  • Res/Action_Win_MagicFlash/Ϣһ03.ini
  • Res/Action_Win_MagicFlash/Ϣһ03.swf
  • Res/Action_Win_Msg/Buttons/QQ_Close.bmp
  • Res/Action_Win_Msg/Buttons/QQ_Close_Over.bmp
  • Res/Action_Win_Msg/Buttons/QQ_Later.bmp
  • Res/Action_Win_Msg/Buttons/QQ_Later_Over.bmp
  • Res/Action_Win_Msg/Icons/Clock(24).png
    .png
  • Res/Action_Win_Msg/Icons/Clock(32).png
    .png
  • Res/Action_Win_Msg/Icons/Favourites(24).png
    .png
  • Res/Action_Win_Msg/Icons/Favourites(32).png
    .png
  • Res/Action_Win_Msg/Icons/Info01(24).png
    .png
  • Res/Action_Win_Msg/Icons/Info01(32).png
    .png
  • Res/Action_Win_Msg/Icons/Info01(48).png
    .png
  • Res/Action_Win_Msg/Icons/Info02(24).png
    .png
  • Res/Action_Win_Msg/Icons/Info02(32).png
    .png
  • Res/Action_Win_Msg/Icons/Stop01(24).png
    .png
  • Res/Action_Win_Msg/Icons/Stop01(32).png
    .png
  • Res/Action_Win_Msg/Icons/Stop02(24).png
    .png
  • Res/Action_Win_Msg/Icons/Stop02(32).png
    .png
  • Res/Action_Win_Msg/Icons/Symbols(24).png
    .png
  • Res/Action_Win_Msg/Icons/Symbols01(32).png
    .png
  • Res/Action_Win_Msg/QQ.bmp
  • Res/Action_Win_Msg/QQ1.bmp
  • Res/Action_Win_Msg/Royale/Close.png
    .png
  • Res/Action_Win_Msg/Royale/Close12.png
    .png
  • Res/Action_Win_Msg/Royale/Close12_Over.png
    .png
  • Res/Action_Win_Msg/Royale/Close_Over.png
    .png
  • Res/Action_Win_Msg/Royale/Later.png
    .png
  • Res/Action_Win_Msg/Royale/Later12.png
    .png
  • Res/Action_Win_Msg/Royale/Later12_Over.png
    .png
  • Res/Action_Win_Msg/Royale/Later_Over.png
    .png
  • Res/Action_Win_Msg/Royale/Royale(ɫ).ini
  • Res/Action_Win_Msg/Royale/Royale(ɫ).ini
  • Res/Action_Win_Msg/Royale/Royale(ɫ).ini
  • Res/Action_Win_Msg/Royale/Royale(ɫ).ini
  • Res/Action_Win_Msg/Royale/Royale_Blue.bmp
  • Res/Action_Win_Msg/Royale/Royale_Gray.bmp
  • Res/Action_Win_Msg/Royale/Royale_Olive.bmp
  • Res/Action_Win_Msg/Royale/Royale_White.bmp
  • Res/Action_Win_Msg/Thumbs.db
  • Res/Action_Win_Msg/bk_msn.bmp
  • Res/Action_Win_Msg/msn.ini
  • Res/Action_Win_Msg/qq.ini
  • Res/Action_Win_Msg/qq1.ini
  • Res/Action_Win_Note/Thumbs.db
  • Res/Action_Win_Note/Yellow(pin).png
    .png
  • Res/Action_Win_Note/Yellow.png
    .png
  • Res/Action_Win_Note/default.ini
  • Res/Action_Win_Note/ʥ.ini
  • Res/Action_Win_Note/ʥ.png
    .png
  • Res/Action_Win_Note/ɫ룩.ini
  • Res/Face/0.bmp
  • Res/Face/1.bmp
  • Res/Face/10.bmp
  • Res/Face/11.bmp
  • Res/Face/12.bmp
  • Res/Face/13.bmp
  • Res/Face/14.bmp
  • Res/Face/15.bmp
  • Res/Face/16.bmp
  • Res/Face/17.bmp
  • Res/Face/18.bmp
  • Res/Face/19.bmp
  • Res/Face/2.bmp
  • Res/Face/20.bmp
  • Res/Face/21.bmp
  • Res/Face/22.bmp
  • Res/Face/23.bmp
  • Res/Face/24.bmp
  • Res/Face/3.bmp
  • Res/Face/4.bmp
  • Res/Face/5.bmp
  • Res/Face/6.bmp
  • Res/Face/7.bmp
  • Res/Face/8.bmp
  • Res/Face/9.bmp
  • Res/Face/Thumbs.db
  • Res/TBGrays.png
    .png
  • Res/TBGrays24.png
    .png
  • Res/TB_Actions.png
    .png
  • Res/TB_Holidays.png
    .png
  • Res/TB_Preference24.png
    .png
  • Res/TB_RLsts.png
    .png
  • Res/TB_Types.png
    .png
  • Res/TBs.png
    .png
  • Res/TBs24.png
    .png
  • Res/Thumbs.db
  • Res/WeatherCode.ini
  • Res/WeatherDesc.ini
  • Res/WeatherIcons/0.bmp
  • Res/WeatherIcons/1.bmp
  • Res/WeatherIcons/2.bmp
  • Res/WeatherIcons/3.bmp
  • Res/WeatherIcons/4.bmp
  • Res/WeatherIcons/5.bmp
  • Res/WeatherIcons/6.bmp
  • Res/WeatherIcons/7.bmp
  • Res/WeatherIcons/Thumbs.db
  • Res/WeatherIcons/WeatherDesc.ini
  • Res/WeatherIcons/WeatherWindDesc.ini
  • Res/WeatherIcons/today/Cloudy.png
    .png
  • Res/WeatherIcons/today/CloudyLightPartly.png
    .png
  • Res/WeatherIcons/today/CloudyMostly.png
    .png
  • Res/WeatherIcons/today/CloudyPartly.png
    .png
  • Res/WeatherIcons/today/Dust.png
    .png
  • Res/WeatherIcons/today/Fog.png
    .png
  • Res/WeatherIcons/today/Frigid.png
    .png
  • Res/WeatherIcons/today/Hail.png
    .png
  • Res/WeatherIcons/today/Haze.png
    .png
  • Res/WeatherIcons/today/Lightening.png
    .png
  • Res/WeatherIcons/today/LighteningLight.png
    .png
  • Res/WeatherIcons/today/NA.png
    .png
  • Res/WeatherIcons/today/Night_Clear.png
    .png
  • Res/WeatherIcons/today/Night_CloudyLightPartly.png
    .png
  • Res/WeatherIcons/today/Night_CloudyMostly.png
    .png
  • Res/WeatherIcons/today/Night_CloudyPartly.png
    .png
  • Res/WeatherIcons/today/Night_Rain.png
    .png
  • Res/WeatherIcons/today/Night_Snow.png
    .png
  • Res/WeatherIcons/today/Night_Thunderstorms.png
    .png
  • Res/WeatherIcons/today/Rain.png
    .png
  • Res/WeatherIcons/today/RainHeavy.png
    .png
  • Res/WeatherIcons/today/RainHeavy1.png
    .png
  • Res/WeatherIcons/today/RainIcyHeavy.png
    .png
  • Res/WeatherIcons/today/RainIcyLight.png
    .png
  • Res/WeatherIcons/today/RainLight.png
    .png
  • Res/WeatherIcons/today/RainWindy.png
    .png
  • Res/WeatherIcons/today/ShowerLight.png
    .png
  • Res/WeatherIcons/today/Smoke.png
    .png
  • Res/WeatherIcons/today/Snow.png
    .png
  • Res/WeatherIcons/today/SnowHeavy.png
    .png
  • Res/WeatherIcons/today/SnowLight.png
    .png
  • Res/WeatherIcons/today/SnowRainIcyMix.png
    .png
  • Res/WeatherIcons/today/SnowRainMix.png
    .png
  • Res/WeatherIcons/today/Snowflakes.png
    .png
  • Res/WeatherIcons/today/SnowyWindy.png
    .png
  • Res/WeatherIcons/today/Sunny.png
    .png
  • Res/WeatherIcons/today/SunnyHot.png
    .png
  • Res/WeatherIcons/today/Thumbs.db
  • Res/WeatherIcons/today/Thunderstorms.png
    .png
  • Res/WeatherIcons/today/Windy.png
    .png
  • Res/WeatherIcons/today/weather.ini
  • Sounds/Alarm.wav
  • Sounds/Beep.wav
  • Sounds/BigBen.wav
  • Sounds/Chimes.wav
  • Sounds/Clock.wav
  • Sounds/Cuckoo.wav
  • Sounds/Doorbl.wav
  • Sounds/Mac.wav
  • Sounds/Phone.wav
  • Sounds/Reville.wav
  • Sounds/Rooster.wav
  • Sounds/VoiceTime/AM0.wav
  • Sounds/VoiceTime/AM1.wav
  • Sounds/VoiceTime/EM.wav
  • Sounds/VoiceTime/MIN.wav
  • Sounds/VoiceTime/PM.wav
  • Sounds/VoiceTime/POINT.wav
  • Sounds/VoiceTime/T00.wav
  • Sounds/VoiceTime/T01.wav
  • Sounds/VoiceTime/T02.wav
  • Sounds/VoiceTime/T03.wav
  • Sounds/VoiceTime/T04.wav
  • Sounds/VoiceTime/T05.wav
  • Sounds/VoiceTime/T06.wav
  • Sounds/VoiceTime/T07.wav
  • Sounds/VoiceTime/T08.wav
  • Sounds/VoiceTime/T09.wav
  • Sounds/VoiceTime/T1.wav
  • Sounds/VoiceTime/T10.wav
  • Sounds/VoiceTime/T11.wav
  • Sounds/VoiceTime/T12.wav
  • Sounds/VoiceTime/T2.wav
  • Sounds/VoiceTime/T20.wav
  • Sounds/VoiceTime/T30.wav
  • Sounds/VoiceTime/T40.wav
  • Sounds/VoiceTime/T50.wav
  • Sounds/VoiceTime/TIMENOW.wav
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    73b73e00f465fa1a2a3bf6377a40219b

  • $PLUGINSDIR/modern-header.bmp
  • db.dat
  • pvmp3.dll
    .dll windows:4 windows x86 arch:x86

  • 新云软件.url
    .url