Overview

overview

7

Static

static

3

1668b48c88...18.exe

windows7-x64

7

1668b48c88...18.exe

windows10-2004-x64

7

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...is.dll

windows7-x64

3

$PLUGINSDI...is.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

1

$PLUGINSDIR/inetc.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/kwun...er.exe

windows7-x64

3

$TEMP/kwun...er.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1668b48c88c4fed4e45bec143385eedb_JaffaCakes118

  • Size

    661KB

  • MD5

    1668b48c88c4fed4e45bec143385eedb

  • SHA1

    4bffc9ffb9bca13168d9a340c435a0ef1ea48909

  • SHA256

    131bed4bb43f6bab0183ccd74cedcbce8df136cd23e6c116ab6d8446fb59ab7b

  • SHA512

    3565bf6585679a7d297c8c212587cc312177c8e4bd6f13a5285174e9a08b1427c4bd5b46e8ff7634be1e1088638013fbbf411cd84671185d2b2446ddab875abe

  • SSDEEP

    12288:41HnBws6vFhIEHcfbbWwpDZcF97L5O0VwfWljM5tm:4buLmbCwLcDH5Orf8oDm

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 1668b48c88c4fed4e45bec143385eedb_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/KuWoNsis_new.dll
    .dll windows:5 windows x86 arch:x86

    d4a8beea4f629ad607201ed3f502d78c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KwMusicNsis.dll
    .dll windows:5 windows x86 arch:x86

    09fea2f174eaa6acb5eafe9ce5f2b8ae


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:5 windows x86 arch:x86

    812688d08c0d4a81ed86daeebcf15c55


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ShellLink.dll
    .dll windows:5 windows x86 arch:x86

    50112fdd20200a51dbedeae8f1f33cdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:6 windows x86 arch:x86

    3907333ed0258fd761f45695b76b5c4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    25a5640a89eb79c57f60a91d10524b18


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kwuninsthelper.exe
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections