Overview

overview

7

Static

static

3

2676f2483c...18.exe

windows7-x64

7

2676f2483c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...m3.dll

windows7-x64

3

$PLUGINSDI...m3.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/$_2_...ll.exe

windows7-x64

7

$TEMP/$_2_...ll.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...m3.dll

windows7-x64

3

$PLUGINSDI...m3.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$R2/Chromium.dll

windows7-x64

1

$R2/Chromium.dll

windows10-2004-x64

1

$R2/H4Z0ONa.dll

windows7-x64

1

$R2/H4Z0ONa.dll

windows10-2004-x64

1

$R2/freebl3.dll

windows7-x64

1

$R2/freebl3.dll

windows10-2004-x64

1

$R2/nspr4.dll

windows7-x64

1

$R2/nspr4.dll

windows10-2004-x64

1

$R2/nss3.dll

windows7-x64

1

$R2/nss3.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2676f2483ce3397255199841dbf6f72a_JaffaCakes118

  • Size

    2.0MB

  • MD5

    2676f2483ce3397255199841dbf6f72a

  • SHA1

    e14e9fb0694a667c73731a0fa71f932cf702cae3

  • SHA256

    305f2ce27569d8ea83d384990b2fd483d0b3104f89c3123e73bed29032048b09

  • SHA512

    275eb02fe4e362f0cdf86a9a90f86b0431ace9097e6f4a692cd77f6f85a417347d5a87760f917018146ee72fb28b26ba91c152e79d0809e53af3ae0b119fffe1

  • SSDEEP

    49152:T5zvfD1RgD1zwLJ1d4B/4eRVbewPSD0NLiTugJLTfkH+TQ3zP:T5znD1Ru1zwLJTigsewPS4ZiTzJLQr

Score
3/10

Malware Config

Signatures

  • Unsigned PE 56 IoCs

    Checks for missing Authenticode signature.

Files

  • 2676f2483ce3397255199841dbf6f72a_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    2713652bd26cab809ccd5ddf895d5608


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:6 windows x86 arch:x86

    8271359a8e641c0a4319571391b52ad2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:6 windows x86 arch:x86

    735af6e7c9e2337e1f149e9c0bc6c2dd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System3.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:5 windows x86 arch:x86

    c4cf8cb71c61d6841cf619ba762c087e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:6 windows x86 arch:x86

    be888985e801eacb6b3c18e8aa167046


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/$_2_/JdfdCbD
  • $TEMP/$_2_/tEMGnoa
  • $TEMP/$_2_/uninstall.exe
    .exe windows:5 windows x86 arch:x86

    2713652bd26cab809ccd5ddf895d5608


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:6 windows x86 arch:x86

    735af6e7c9e2337e1f149e9c0bc6c2dd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System3.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:5 windows x86 arch:x86

    c4cf8cb71c61d6841cf619ba762c087e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:6 windows x86 arch:x86

    be888985e801eacb6b3c18e8aa167046


    Headers

    Imports

    Exports

    Sections

  • $R2/Chromium.dll
    .dll windows:6 windows x86 arch:x86

    df6d222219f5191aa795d4dd5906a56c


    Headers

    Imports

    Sections

  • $R2/H4Z0ONa.dll
    .dll windows:6 windows x86 arch:x86

    8e695a99cfb1a174bd41ebba3057ceed


    Headers

    Imports

    Sections

  • $R2/freebl3.dll
    .dll windows:6 windows x86 arch:x86

    68765e49af812cea06653c4ddee9320d


    Headers

    Imports

    Exports

    Sections

  • $R2/nspr4.dll
    .dll windows:6 windows x86 arch:x86

    a6070e3824e66675bb029a2cf7952a4f


    Headers

    Imports

    Exports

    Sections

  • $R2/nss3.dll
    .dll windows:6 windows x86 arch:x86

    6cd56e141455c142cb5bb6dccfd4792a


    Headers

    Imports

    Exports

    Sections

  • $R2/nssutil3.dll
    .dll windows:6 windows x86 arch:x86

    6ba16e7e12b3827a81a688ff0a5191a4


    Headers

    Imports

    Exports

    Sections

  • $R2/plc4.dll
    .dll windows:6 windows x86 arch:x86

    4598533a0c3b6c5ddb9612a89de425ce


    Headers

    Imports

    Exports

    Sections

  • $R2/plds4.dll
    .dll windows:6 windows x86 arch:x86

    4f9a53fbf939884bc7e65bde68799fc4


    Headers

    Imports

    Exports

    Sections

  • $R2/softokn3.dll
    .dll windows:6 windows x86 arch:x86

    f62703f3be4a59d359a62952d431248f


    Headers

    Imports

    Exports

    Sections

  • $R2/sqlite3.dll
    .dll windows:6 windows x86 arch:x86

    08e0c5c4d25d1d7e6ba2923f9444c9ee


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/Chromium.dll
    .dll windows:6 windows x86 arch:x86

    df6d222219f5191aa795d4dd5906a56c


    Headers

    Imports

    Sections

  • $TEMP/$_2_/H4Z0ONa.dll
    .dll windows:6 windows x86 arch:x86

    8e695a99cfb1a174bd41ebba3057ceed


    Headers

    Imports

    Sections

  • $TEMP/$_2_/freebl3.dll
    .dll windows:6 windows x86 arch:x86

    68765e49af812cea06653c4ddee9320d


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nspr4.dll
    .dll windows:6 windows x86 arch:x86

    a6070e3824e66675bb029a2cf7952a4f


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nss3.dll
    .dll windows:6 windows x86 arch:x86

    6cd56e141455c142cb5bb6dccfd4792a


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nssutil3.dll
    .dll windows:6 windows x86 arch:x86

    6ba16e7e12b3827a81a688ff0a5191a4


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/plc4.dll
    .dll windows:6 windows x86 arch:x86

    4598533a0c3b6c5ddb9612a89de425ce


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/plds4.dll
    .dll windows:6 windows x86 arch:x86

    4f9a53fbf939884bc7e65bde68799fc4


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/softokn3.dll
    .dll windows:6 windows x86 arch:x86

    f62703f3be4a59d359a62952d431248f


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/sqlite3.dll
    .dll windows:6 windows x86 arch:x86

    08e0c5c4d25d1d7e6ba2923f9444c9ee


    Headers

    Imports

    Exports

    Sections

  • 9qdv5pB
  • uninstall.exe
    .exe windows:5 windows x86 arch:x86

    2713652bd26cab809ccd5ddf895d5608


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:6 windows x86 arch:x86

    735af6e7c9e2337e1f149e9c0bc6c2dd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System3.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:5 windows x86 arch:x86

    c4cf8cb71c61d6841cf619ba762c087e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:6 windows x86 arch:x86

    be888985e801eacb6b3c18e8aa167046


    Headers

    Imports

    Exports

    Sections

  • $R2/Chromium.dll
    .dll windows:6 windows x86 arch:x86

    df6d222219f5191aa795d4dd5906a56c


    Headers

    Imports

    Sections

  • $R2/H4Z0ONa.dll
    .dll windows:6 windows x86 arch:x86

    8e695a99cfb1a174bd41ebba3057ceed


    Headers

    Imports

    Sections

  • $R2/freebl3.dll
    .dll windows:6 windows x86 arch:x86

    68765e49af812cea06653c4ddee9320d


    Headers

    Imports

    Exports

    Sections

  • $R2/nspr4.dll
    .dll windows:6 windows x86 arch:x86

    a6070e3824e66675bb029a2cf7952a4f


    Headers

    Imports

    Exports

    Sections

  • $R2/nss3.dll
    .dll windows:6 windows x86 arch:x86

    6cd56e141455c142cb5bb6dccfd4792a


    Headers

    Imports

    Exports

    Sections

  • $R2/nssutil3.dll
    .dll windows:6 windows x86 arch:x86

    6ba16e7e12b3827a81a688ff0a5191a4


    Headers

    Imports

    Exports

    Sections

  • $R2/plc4.dll
    .dll windows:6 windows x86 arch:x86

    4598533a0c3b6c5ddb9612a89de425ce


    Headers

    Imports

    Exports

    Sections

  • $R2/plds4.dll
    .dll windows:6 windows x86 arch:x86

    4f9a53fbf939884bc7e65bde68799fc4


    Headers

    Imports

    Exports

    Sections

  • $R2/softokn3.dll
    .dll windows:6 windows x86 arch:x86

    f62703f3be4a59d359a62952d431248f


    Headers

    Imports

    Exports

    Sections

  • $R2/sqlite3.dll
    .dll windows:6 windows x86 arch:x86

    08e0c5c4d25d1d7e6ba2923f9444c9ee


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/Chromium.dll
    .dll windows:6 windows x86 arch:x86

    df6d222219f5191aa795d4dd5906a56c


    Headers

    Imports

    Sections

  • $TEMP/$_2_/H4Z0ONa.dll
    .dll windows:6 windows x86 arch:x86

    8e695a99cfb1a174bd41ebba3057ceed


    Headers

    Imports

    Sections

  • $TEMP/$_2_/freebl3.dll
    .dll windows:6 windows x86 arch:x86

    68765e49af812cea06653c4ddee9320d


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nspr4.dll
    .dll windows:6 windows x86 arch:x86

    a6070e3824e66675bb029a2cf7952a4f


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nss3.dll
    .dll windows:6 windows x86 arch:x86

    6cd56e141455c142cb5bb6dccfd4792a


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/nssutil3.dll
    .dll windows:6 windows x86 arch:x86

    6ba16e7e12b3827a81a688ff0a5191a4


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/plc4.dll
    .dll windows:6 windows x86 arch:x86

    4598533a0c3b6c5ddb9612a89de425ce


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/plds4.dll
    .dll windows:6 windows x86 arch:x86

    4f9a53fbf939884bc7e65bde68799fc4


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/softokn3.dll
    .dll windows:6 windows x86 arch:x86

    f62703f3be4a59d359a62952d431248f


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$_2_/sqlite3.dll
    .dll windows:6 windows x86 arch:x86

    08e0c5c4d25d1d7e6ba2923f9444c9ee


    Headers

    Imports

    Exports

    Sections

  • wsQGSxj