Overview

overview

7

Static

static

3

2a7c537907...18.exe

windows7-x64

7

2a7c537907...18.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

ahdts.exe

windows7-x64

1

ahdts.exe

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2a7c5379075247ca403a1dbf3138b245_JaffaCakes118

  • Size

    904KB

  • MD5

    2a7c5379075247ca403a1dbf3138b245

  • SHA1

    d36bca64ab54ec0c64923cacbeb980eb7009e415

  • SHA256

    8140fbc009ff590f28887722af3b37919b233fdefa667b13caea7623973be5df

  • SHA512

    3eba6f93aa70c3fa29dbef5741cb2782aa567cc1d8d68aebf409d588dcc12ea337afa953ebbc0849982f3e81cf3e66052974087448e1364fd1d23e4d6bdf77c4

  • SSDEEP

    24576:hv+3npwTxbdUnkPphD89vUEOBINIwBd4g6AcwK/N4:t+5wT9DwvUjSNN3cI

Score
3/10

Malware Config

Signatures

  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 2a7c5379075247ca403a1dbf3138b245_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    b1a57b635b23ffd553b3fd1e0960b2bd


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    738dc9bb91549f627cf1953c2000e1d6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StdUtils.dll
    .dll windows:5 windows x86 arch:x86

    ea9b3ea5cd9e2014ad3724e31f62cf5e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • ahdts.exe
    .exe windows:5 windows x86 arch:x86

    edb7c28d869f3b077190b9c7cf93dcde


    Code Sign

    Headers

    Imports

    Sections

  • lander.ini
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    b76363e9cb88bf9390860da8e50999d2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    f2ac1ab587d5531d5f1bf76c094aef4c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/WizModernImage.bmp
  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    3f1149a3053980fe6b461521d2b55a2c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    f03b2bab186574d8892d3d73fa9fd3fd


    Headers

    Imports

    Exports

    Sections