Overview

overview

7

Static

static

7

edf693864b...18.exe

windows7-x64

7

edf693864b...18.exe

windows10-2004-x64

7

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMPImg/C...04.exe

windows7-x64

1

$TEMPImg/C...04.exe

windows10-2004-x64

1

$TEMPImg/regver.exe

windows7-x64

1

$TEMPImg/regver.exe

windows10-2004-x64

1

ImageResizerBatch.exe

windows7-x64

7

ImageResizerBatch.exe

windows10-2004-x64

7

Uninst.exe

windows7-x64

7

Uninst.exe

windows10-2004-x64

7

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    edf693864be0bedab974fefb090d9a20_JaffaCakes118

  • Size

    696KB

  • MD5

    edf693864be0bedab974fefb090d9a20

  • SHA1

    a6ca9c6b91439c243c08d8f8e1acf35f5640a88a

  • SHA256

    ad10606f3fb69f8908b950eb0b85100d73f3e9336a0c5cbdb64665551ceceaa9

  • SHA512

    ab12b72a9756a1c0d3c806b15e70518d9df421fa64df4d887e2f9bb088a7de289fa5290bf6d95333e9b89ec29982beba04cc7cbf3aa37135d1e60e90ee074cb0

  • SSDEEP

    12288:Rol66wfKPfhcwU/jw1+0GX3z4dFeLiXS+rCsdq9+uJ7zk+nG8R5+YIHf8pw5a4EL:GlGyXCwE4+1XDDDvsdq3JhG8RobEpcaH

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • edf693864be0bedab974fefb090d9a20_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/ExecDos.dll
    .dll windows:4 windows x86 arch:x86

    2dfc6a992d004b736e85c64219a88b4a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $TEMPImg/CheckVer104.exe
    .exe windows:4 windows x86 arch:x86

    9180e4a50ffbbdaaf0efc56a3138c8bf


    Headers

    Imports

    Sections

  • $TEMPImg/regver.exe
    .exe windows:5 windows x86 arch:x86

    7057f8e2813c3e47f3e701a089b5ad06


    Headers

    Imports

    Sections

  • ImageResizerBatch.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/Processes.dll
    .dll windows:4 windows x86 arch:x86

    f5edecae12589e705677a6e272ad0394


    Headers

    Imports

    Exports

    Sections