Overview

overview

7

Static

static

7

297f94876c...18.exe

windows7-x64

7

297f94876c...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

7

$PLUGINSDI...ay.dll

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    297f94876c2c050bd2b806fe334e7539_JaffaCakes118

  • Size

    46KB

  • MD5

    297f94876c2c050bd2b806fe334e7539

  • SHA1

    5aedf9a575cd96d55482d4a2ab993ccbf1617498

  • SHA256

    322b0dc1f35646866757fd46912bd5337a44a40f42958ccc0fd9909ef3481889

  • SHA512

    c140a0bc01a0ac04b7fd041080740d04b27548a1d5a73a7ee9678d8a82d0db370bc4ce6ac8a808356b8a8312b7a5e06b2d84e2ef0222319385b10a24b14b9fe1

  • SSDEEP

    768:h4wO7XBz+5Qm3W0tYdrQZHV4EWuWEUOg4jjfS3XJcq5Zrq9N0HqgzHSNOYxsIeXY:6LXB65939tY6HBg4sXJcq5pS8qcy45up

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 297f94876c2c050bd2b806fe334e7539_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsArray.dll
    .dll windows:6 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:6 windows x86 arch:x86


    Headers

    Sections