Overview

overview

7

Static

static

3

201037d0ab...18.exe

windows7-x64

7

201037d0ab...18.exe

windows10-2004-x64

7

$1/Tablacu...ff.exe

windows7-x64

1

$1/Tablacu...ff.exe

windows10-2004-x64

1

$3/$APPDAT...er.exe

windows7-x64

7

$3/$APPDAT...er.exe

windows10-2004-x64

7

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$R1/Tablacus.exe

windows7-x64

4

$R1/Tablacus.exe

windows10-2004-x64

3

$R1/TablacusApp.exe

windows7-x64

1

$R1/TablacusApp.exe

windows10-2004-x64

1

$R1/script...und.js

windows7-x64

3

$R1/script...und.js

windows10-2004-x64

3

$R1/script/common.js

windows7-x64

3

$R1/script/common.js

windows10-2004-x64

3

$R1/script/consts.js

windows7-x64

3

$R1/script/consts.js

windows10-2004-x64

3

$R1/script...g.html

windows7-x64

1

$R1/script...g.html

windows10-2004-x64

1

$R1/script/index.html

windows7-x64

1

$R1/script/index.html

windows10-2004-x64

1

$R1/script/index.js

windows7-x64

3

$R1/script/index.js

windows10-2004-x64

3

$R1/script...n.html

windows7-x64

1

$R1/script...n.html

windows10-2004-x64

1

$R1/script...s.html

windows7-x64

1

$R1/script...s.html

windows10-2004-x64

1

$R1/script/options.js

windows7-x64

3

$R1/script/options.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    201037d0abd9a98db87dd8c16abcd32c_JaffaCakes118

  • Size

    551KB

  • MD5

    201037d0abd9a98db87dd8c16abcd32c

  • SHA1

    8fa5f6119b1b9da114f85e27a0df046ed64dfd7c

  • SHA256

    fe22e0a3594bff1aaa8daa3d102e840bde89ea342a3e16dfb1ee298f08e5696f

  • SHA512

    7595f30e20dd8058ce12ed17283aa9915a49c6e07624e257283011a985975850510d12ac55e5150268cf7da13eb16742cc7bf737b91aba63ccbefe5bc514056c

  • SSDEEP

    12288:et9r8hcmTtcNqOQ/3AjTr7vHSujL6Tc8VpSriup858QjJgE85:uZfmJcN0/3YrziThSrHp8KQVgE0

Score
3/10

Malware Config

Signatures

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 201037d0abd9a98db87dd8c16abcd32c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e2a592076b17ef8bfb48b7e03965a3fc


    Headers

    Imports

    Sections

  • $1/TablacusInstallerStuff.exe
    .exe windows:5 windows x86 arch:x86

    21fe65e631bd88c3a9d2b29094d64277


    Headers

    Imports

    Sections

  • $3/$APPDATA/TablacusApp/uninstaller.exe
    .exe windows:4 windows x86 arch:x86

    e2a592076b17ef8bfb48b7e03965a3fc


    Headers

    Imports

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:5 windows x86 arch:x86

    439074d1c01f7b16781bdf060930814a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:5 windows x86 arch:x86

    439074d1c01f7b16781bdf060930814a


    Headers

    Imports

    Exports

    Sections

  • $R1/Tablacus.exe
    .exe windows:5 windows x86 arch:x86

    8d3fcb29b341b50d5a29b25cb6dc7da7


    Headers

    Imports

    Sections

  • $R1/TablacusApp.exe
    .exe windows:5 windows x86 arch:x86

    e62540c77fc426916debe692082f5c52


    Headers

    Imports

    Sections

  • $R1/config/window.xml
    .xml
  • $R1/init/addons.xml
    .xml
  • $R1/init/key.xml
    .xml
  • $R1/init/menus.xml
    .xml
  • $R1/init/mouse.xml
    .xml
  • $R1/lang/de.xml
  • $R1/lang/en.xml
  • $R1/lang/es.xml
  • $R1/lang/fr.xml
  • $R1/lang/it.xml
  • $R1/lang/ja.xml
  • $R1/lang/pt.xml
  • $R1/lang/ru.xml
  • $R1/lang/zh.xml
  • $R1/lang/zh_cn.xml
  • $R1/layout/1tab.xml
    .xml
  • $R1/layout/4tabs.xml
    .xml
  • $R1/layout/bottom_tab.xml
    .xml
  • $R1/layout/h2tabs.xml
    .xml
  • $R1/layout/left_tab.xml
    .xml
  • $R1/layout/right_tab.xml
    .xml
  • $R1/layout/tree_1tab.xml
    .xml
  • $R1/layout/tree_2tabs.xml
    .xml
  • $R1/layout/v2tabs.xml
    .xml
  • $R1/layout/vertical_tab.xml
    .xml
  • $R1/readme.txt
  • $R1/script/background.js
    .js
  • $R1/script/common.js
    .js
  • $R1/script/consts.js
    .js
  • $R1/script/dialog.html
    .html
  • $R1/script/index.css
  • $R1/script/index.html
    .html
  • $R1/script/index.js
    .js
  • $R1/script/location.html
    .html
  • $R1/script/options.css
  • $R1/script/options.html
    .html
  • $R1/script/options.js
    .js