General

  • Target

    126fff08a5955d42438875e98c23487e_JaffaCakes118

  • Size

    4.6MB

  • MD5

    126fff08a5955d42438875e98c23487e

  • SHA1

    c358de8d49e52feb00342e2413b67448ec620ea5

  • SHA256

    5c8976657c81b6efedcccafafc4fa3a9ad53f2c72abde0e8256ee9c1de0cbdf2

  • SHA512

    32fdcd5d68dc367febd26a076f2db003f98fbf5248bac33b87904ec818e5bc43cad4904ce54307a652dcc5cce699ca854f539f8807520902ff5c865cbed0392e

  • SSDEEP

    98304:qwoiFIZ3et8abLGAQfBIqtO/ZIpBrfhuM/etsIcqC3qK:qwl/hPQfBIf6phZx/osJqCh

Score
10/10

Signatures

  • ModiLoader First Stage (1 IoC)
  • Modiloader family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (11 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (2 IoCs)

Files

  • 126fff08a5955d42438875e98c23487e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    36276e7c12820586c6f4cfea7e3f74d2



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • ATT06209.txt
  • Analizador.dll
    .dll windows:4 windows x86 arch:x86

    fc5a289328bf3325953cdc7175929be7



  • Ayuda.exe
    .exe windows:1 windows x86 arch:x86



  • E-mail_Marketing.exe
    .exe windows:4 windows x86 arch:x86

    8ad33f61cac275c537b6b9e47c341c44



  • E-mail_Marketing.exe.manifest
    .xml
  • Extractor.exe
    .exe windows:4 windows x86 arch:x86

    1a909fec9bdcf69eef2d4db2630bde58



  • Seguridad.dll
    .dll windows:4 windows x86 arch:x86

    385ed2996782f4982ef1b2e4da5058ce



  • Servidor_em.exe
    .exe windows:4 windows x86 arch:x86



  • Servidor_em.exe.manifest
    .xml
  • Servidor_em.opt
  • libeay32.dll
    .dll windows:5 windows x86 arch:x86

    43b0fe249f8f5a5ce8ac2d967a025119



  • ssleay32.dll
    .dll windows:5 windows x86 arch:x86

    bb97df0f2e9321ec4e2256179b5b9c2c



  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    36276e7c12820586c6f4cfea7e3f74d2

