Overview

overview

4

Static

static

3

07522011f0...18.exe

windows7-x64

4

07522011f0...18.exe

windows10-2004-x64

4

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...is.dll

windows7-x64

3

$PLUGINSDI...is.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

1

$PLUGINSDIR/inetc.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/kwun...er.exe

windows7-x64

3

$TEMP/kwun...er.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    07522011f0fce55cedf7b90430978ad9_JaffaCakes118

  • Size

    625KB

  • MD5

    07522011f0fce55cedf7b90430978ad9

  • SHA1

    239cd597ad6dc666be9f66dd75719b6fa37c86cb

  • SHA256

    0463e779edeab45cae22fb8adf7ba672aa6aca0dd68f3e2256ad01fbc47bb08b

  • SHA512

    fae1322696c1123a41e071e3c33b18964a7660490bfbdeb2785a27c33c8ebf0a2e0c0ba72c527eb1d7a1f9da55d7bbe0bd5dafc2ceeceae24824b40156a3801c

  • SSDEEP

    12288:x1HOBws6vFhIEYqB0zhFT3WX8F/wRTU6YM1mxXDAwJTVGvn7/z:xiuL++0zhDtITUw0xXX4/z

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 07522011f0fce55cedf7b90430978ad9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/KuWoNsis_new.dll
    .dll windows:5 windows x86 arch:x86

    8cc197da719dfd6bd5e496af12ba45af


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KwMusicNsis.dll
    .dll windows:5 windows x86 arch:x86

    6e199b4525d6490362a487f1766a55a6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:5 windows x86 arch:x86

    812688d08c0d4a81ed86daeebcf15c55


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ShellLink.dll
    .dll windows:5 windows x86 arch:x86

    50112fdd20200a51dbedeae8f1f33cdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:6 windows x86 arch:x86

    3907333ed0258fd761f45695b76b5c4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    25a5640a89eb79c57f60a91d10524b18


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kwuninsthelper.exe
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections