Overview

overview

7

Static

static

3

03ea1889a3...18.exe

windows7-x64

7

03ea1889a3...18.exe

windows10-2004-x64

7

$PLUGINSDI...bw.dll

windows7-x64

3

$PLUGINSDI...bw.dll

windows10-2004-x64

3

$PLUGINSDI...nz.dll

windows7-x64

3

$PLUGINSDI...nz.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    03ea1889a3d6ee77142dc81d6c1d004b_JaffaCakes118

  • Size

    581KB

  • MD5

    03ea1889a3d6ee77142dc81d6c1d004b

  • SHA1

    ab2e0d6174f378fcc0b5c4f5421ac7bc75df5be2

  • SHA256

    1a3a3c4337638ea07d01b54a305c8566d2d9635625f6e5283dc730d02a5bf3c9

  • SHA512

    f2e9d391abf7230f38e04aea163dd71819e1b84211e1eab681031a0a32923c81d8ec3df4e0690309a37592fe26741f4f4cd8f766f67ae55fb1b20e1c48b77ab9

  • SSDEEP

    12288:g0C73yJg1PYuWJp9f++3QLa3nL0lqLbt3nQgfGA2reW4AfAcktWTEmr:g0wug1gxfZ3QLKniqN3nQgf6rH4ckWH

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 03ea1889a3d6ee77142dc81d6c1d004b_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/nraigbw.dll
    .dll windows:6 windows x86 arch:x86

    94972ed9e2d37f60c26f3ae754dd86dc


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisunz.dll
    .dll windows:4 windows x86 arch:x86

    0f92772da9c737d2bac38919e9863980


    Headers

    Imports

    Exports

    Sections

  • 1431842551.fbhcabfbfbbe