Overview

overview

7

Static

static

7

f98bea22d0...18.exe

windows7-x64

7

f98bea22d0...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Mame32.chm

windows7-x64

1

Mame32.chm

windows10-2004-x64

1

kailleraclient.dll

windows7-x64

7

kailleraclient.dll

windows10-2004-x64

7

mame32k.exe

windows7-x64

7

mame32k.exe

windows10-2004-x64

7

mame32kk.exe

windows7-x64

1

mame32kk.exe

windows10-2004-x64

1

zip32.dll

windows7-x64

3

zip32.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    f98bea22d0ca71aec4e3049044aef199_JaffaCakes118

  • Size

    21.6MB

  • MD5

    f98bea22d0ca71aec4e3049044aef199

  • SHA1

    af003667d3f461cf5a7a6c5400349e31669c8718

  • SHA256

    51b66d4b2f6c6fa61384aca3188c9d32869d8477a86a5dc67db423fade8c1e37

  • SHA512

    d1feb2a1ea332f4900a58afa5357434da67ec6fcd7457ce58d90621ddbf213e89e806ade89eeea1cefb352d62a2cdf4c59b3f38109e1b57992ce5433440eab4c

  • SSDEEP

    393216:4z4MAxwgwggrdlqPehVXhwIDIPNvGZj79AQGZlzifJIRrQlS26ZzFB22tC6xHIhX:4z4MAxHwgg93hwYIPNvGQQWifJgrQlSC

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • f98bea22d0ca71aec4e3049044aef199_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    dd1742eadfc6df18ded3c26ae64ad610


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • MAME32kui.ini
  • Main_dtdj.ini
  • Mame32.chm
    .chm
  • cfg/default.cfg
  • ini/MAME32k.ini
  • join.wav
  • kaillera.txt
  • kailleraclient.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32k
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32kk.exe
    .exe windows:5 windows x86 arch:x86

    4dbc5d08df28b8f55d5238d42ee67fa8


    Headers

    Imports

    Sections

  • ninjamas.zip
    .zip
  • 217-c1.bin
  • 217-c2.bin
  • 217-c3.bin
  • 217-c4.bin
  • 217-c5.bin
  • 217-c6.bin
  • 217-c7.bin
  • 217-c8.bin
  • 217-m1.bin
  • 217-p1.bin
  • 217-p2.bin
  • 217-s1.bin
  • 217-v1.bin
  • 217-v2.bin
  • readme.txt
  • roms/neogeo.zip
    .zip
  • neo-geo.rom
  • ng-lo.rom
  • ng-sfix.rom
  • ng-sm1.rom
  • roms/ninjamas.zip
    .zip
  • 217-c1.bin
  • 217-c2.bin
  • 217-c3.bin
  • 217-c4.bin
  • 217-c5.bin
  • 217-c6.bin
  • 217-c7.bin
  • 217-c8.bin
  • 217-m1.bin
  • 217-p1.bin
  • 217-p2.bin
  • 217-s1.bin
  • 217-v1.bin
  • 217-v2.bin
  • zip32.dll
    .dll windows:4 windows x86 arch:x86

    db1e4d25a40dfd2a9f2ff326c81166fe


    Headers

    Imports

    Exports

    Sections