Overview

overview

7

Static

static

3

138872dea9...18.exe

windows7-x64

7

138872dea9...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI..._1.dll

windows7-x64

3

$PLUGINSDI..._1.dll

windows10-2004-x64

3

$TEMP/sp-d...er.exe

windows7-x64

7

$TEMP/sp-d...er.exe

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$_113_/Tbc...UI.exe

windows7-x64

1

$_113_/Tbc...UI.exe

windows10-2004-x64

3

$_113_/Tbc...UI.exe

windows7-x64

3

$_113_/Tbc...UI.exe

windows10-2004-x64

3

$_245_/$_2...0_.dll

windows7-x64

7

$_245_/$_2...0_.dll

windows10-2004-x64

7

$_47_.dll

windows7-x64

1

$_47_.dll

windows10-2004-x64

1

$_59_.dll

windows7-x64

1

$_59_.dll

windows10-2004-x64

1

$_63_.exe

windows7-x64

1

$_63_.exe

windows10-2004-x64

1

$_64_.exe

windows7-x64

1

$_64_.exe

windows10-2004-x64

1

$_68_.dll

windows7-x64

1

$_68_.dll

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    138872dea9da5954c97f0a4f07e442ef_JaffaCakes118

  • Size

    3.2MB

  • MD5

    138872dea9da5954c97f0a4f07e442ef

  • SHA1

    6670b5b2a263e81a5ad75b812f18cb110708c2e3

  • SHA256

    3a37a5bc7ebd35dc22c90021d1620947e5ae7da2166c04b3b75b07cd829f3dbd

  • SHA512

    76e46fc347918b043434c4ace0577f0d4528202b394acf1caf5f052e0937fe1f5f4013bcb6a93123a0016282fd0cd7d1daebb1198fce3429a688963b33ebdaef

  • SSDEEP

    49152:EzYrXmvvX5K/aPii75WLONNj2/40oC9gnOxShAVjswLi5cPkIN7I1:EbvXYaKEW+V2/vg6SQjsBVn

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 138872dea9da5954c97f0a4f07e442ef_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/PublisherLogoDefault.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/license.txt
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsIEUtils.dll
    .dll windows:5 windows x86 arch:x86

    748dbc1e7371c1881c596856d8a01602


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsJSON_2_0_1_1.dll
    .dll windows:5 windows x86 arch:x86

    6a53511d70a353598fbaca220bfb6a3b


    Headers

    Imports

    Exports

    Sections

  • $TEMP/SweetTunes/$_127_
  • $TEMP/sp-downloader.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    917ae9b9adb269abd5543f5bf5676bac


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_113_/Tbccint/IE/$_13_/SetupIcon.ico
  • $_113_/Tbccint/IE/$_13_/UninstallerUI.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Code Sign

    Headers

    Imports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/0/version.txt
  • .rsrc/1033/DIALOG/105
  • .rsrc/1033/DIALOG/106
  • .rsrc/1033/DIALOG/111
  • .rsrc/1033/GROUP_ICON/103
  • .rsrc/1033/ICON/1.ico
  • .rsrc/1033/MANIFEST/1
  • .rsrc_1
  • .text
  • CERTIFICATE
  • [0]
  • $_113_/Tbccint/Multi/$_13_/SetupIcon.ico
  • $_113_/Tbccint/Multi/$_13_/UninstallerUI.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Code Sign

    Headers

    Imports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/0/version.txt
  • .rsrc/1033/DIALOG/105
  • .rsrc/1033/DIALOG/106
  • .rsrc/1033/DIALOG/111
  • .rsrc/1033/GROUP_ICON/103
  • .rsrc/1033/ICON/1.ico
  • .rsrc/1033/MANIFEST/1
  • .rsrc_1
  • .text
  • CERTIFICATE
  • [0]
  • $_127_
  • $_245_/$_245_/$_250_
    .dll regsvr32 windows:5 windows x86 arch:x86

    c5170c87bb9e0f4a5d227d9c543b0676


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_47_
    .dll regsvr32 windows:5 windows x86 arch:x86

    52c9dddfb1d6497132c338a22ba3787e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_59_
    .dll regsvr32 windows:5 windows x86 arch:x86

    148ef0fdc946707c59b33fca026fb54e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_63_
    .exe windows:5 windows x86 arch:x86

    7b25d62fac6a93a74552bdc3dd699b98


    Code Sign

    Headers

    Imports

    Sections

  • $_64_
    .exe windows:5 windows x86 arch:x86

    7b25d62fac6a93a74552bdc3dd699b98


    Code Sign

    Headers

    Imports

    Sections

  • $_68_
    .dll windows:5 windows x86 arch:x86

    65fe4d71be75e757f7c3fc7f51ceea9b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_69_
    .dll windows:5 windows x86 arch:x86

    af29243a09af42773b04e6dff27fba02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_70_
    .dll windows:5 windows x64 arch:x64

    3a44621760b04fca07d1739a443a199f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_71_
    .dll windows:6 windows x86 arch:x86

    69e48d0f88e508d867865306d28a465c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_72_
    .dll windows:6 windows x64 arch:x64

    0128fd8c9dd22c678e9f61d4212b3634


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_84_
    .dll regsvr32 windows:5 windows x86 arch:x86

    52c9dddfb1d6497132c338a22ba3787e


    Code Sign

    Headers

    Imports

    Exports

    Sections