Overview

overview

7

Static

static

3

1ee1ea9387...18.exe

windows7-x64

7

1ee1ea9387...18.exe

windows10-2004-x64

7

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

HacmeCasino.exe

windows7-x64

7

HacmeCasino.exe

windows10-2004-x64

7

HacmeCasin...de.pdf

windows7-x64

1

HacmeCasin...de.pdf

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    1ee1ea9387cffd462afbb8632028c3c7_JaffaCakes118

  • Size

    8.2MB

  • MD5

    1ee1ea9387cffd462afbb8632028c3c7

  • SHA1

    b71e7dba4ad8e230b158a71db8c06152383251c8

  • SHA256

    c22abec2e3fcf543753380cf17b136d61465c417cd24ec925f2946ea6a9bae92

  • SHA512

    5086da433180e21554be6d94be9c0cfbd6b0c9c10f5ab8897f24452498ac3f956237e0f1e4f25d99228ce61ede6457edbcec70f7692d75732bac23e2b230976e

  • SSDEEP

    196608:repgKmzw6XLN4dTtbHtCgdJjxTztR5OpvSEjHnFigef3s:qpgrwY4NZ3D5trOpDnFigefc

Score
3/10
pdflink

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

    pdflink
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 1ee1ea9387cffd462afbb8632028c3c7_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AdvSplash.dll
    .dll windows:4 windows x86 arch:x86

    741b6bafe355b63a372d737b30543a95


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/spltmp.bmp
  • $PLUGINSDIR/warning.ini
  • HacmeCasino.exe
    .exe windows:4 windows x86 arch:x86

    9a506fc567a264315249e67c4d0bff1b


    Headers

    Imports

    Sections

  • HacmeCasino_UserGuide.pdf
    .pdf

    • http://localhost:3000/account/transfer_chips?transfer=0&login[]=bobby_blackjack&commit=Transfer+Chips

    • http://localhost:3000/account/transfer_chips?transfer=1000&login%5B%5D=andy_aces&commit=Transfer+Chips

    • http://localhost:3000/account/transfer_chips?transfer=1000&login[]=andy_aces&commit=Transfer+Chips

    • http://localhost:3000/blackjack/hit_or_stay?act=S

    • http://localhost:3000/video_poker/test

    • http://localhost:3000/video_poker/test_deuces_wild

    • http://localhost:3000/video_poker/test_hand

    • http://localhost:3000/video_poker/test_video_poker

    • http://sourceforge.net/projects/foundstone

    • Show all
  • images/PDF.ico
  • images/fs_icon_32.ico
  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


    Headers

    Imports

    Sections