Overview

overview

7

Static

static

3

2ee73eec87...18.exe

windows7-x64

7

2ee73eec87...18.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ls.dll

windows7-x64

3

$PLUGINSDI...ls.dll

windows10-2004-x64

3

$PLUGINSDI..._1.dll

windows7-x64

3

$PLUGINSDI..._1.dll

windows10-2004-x64

3

$TEMP/sp-d...er.exe

windows7-x64

7

$TEMP/sp-d...er.exe

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$_113_/Tbc...UI.exe

windows7-x64

3

$_113_/Tbc...UI.exe

windows10-2004-x64

3

$_113_/Tbc...UI.exe

windows7-x64

3

$_113_/Tbc...UI.exe

windows10-2004-x64

3

$_245_/$_2...0_.dll

windows7-x64

7

$_245_/$_2...0_.dll

windows10-2004-x64

7

$_47_.dll

windows7-x64

1

$_47_.dll

windows10-2004-x64

1

$_59_.dll

windows7-x64

1

$_59_.dll

windows10-2004-x64

1

$_63_.exe

windows7-x64

1

$_63_.exe

windows10-2004-x64

1

$_64_.exe

windows7-x64

1

$_64_.exe

windows10-2004-x64

1

$_68_.dll

windows7-x64

1

$_68_.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2ee73eec87180b36919d773df5666628_JaffaCakes118

  • Size

    3.2MB

  • MD5

    2ee73eec87180b36919d773df5666628

  • SHA1

    710eb24f2240dd0aa4552fbef437a3af52f641ff

  • SHA256

    1253d6e28d6586c62c6885b0de417de84ae374ce91fca40dd817fed53fc3983c

  • SHA512

    3e81ab94643feff0f9f81fbed9a9c366f8e7ddeb8e97d609709d9208adfdbf7fb4770ee99d858ab8107aef7fc96de2e19481331faa26b96e4c337a3da0de801f

  • SSDEEP

    49152:zDORRY80Oi2wLgo5Ny5OnwUJ2owBD+A8+pnQ2hO1KV2/E94J9CtzcqlbpLA:zDwY80hNSOwUJDpAZpnv2KVyJbqllLA

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 2ee73eec87180b36919d773df5666628_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/PublisherLogoDefault.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/license.txt
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsIEUtils.dll
    .dll windows:5 windows x86 arch:x86

    748dbc1e7371c1881c596856d8a01602


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsJSON_2_0_1_1.dll
    .dll windows:5 windows x86 arch:x86

    6a53511d70a353598fbaca220bfb6a3b


    Headers

    Imports

    Exports

    Sections

  • $TEMP/Free_Lunch_Design_TB/$_127_
  • $TEMP/sp-downloader.exe
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    917ae9b9adb269abd5543f5bf5676bac


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_113_/Tbccint/IE/$_13_/SetupIcon.ico
  • $_113_/Tbccint/IE/$_13_/UninstallerUI.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Code Sign

    Headers

    Imports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/0/version.txt
  • .rsrc/1033/DIALOG/105
  • .rsrc/1033/DIALOG/106
  • .rsrc/1033/DIALOG/111
  • .rsrc/1033/GROUP_ICON/103
  • .rsrc/1033/ICON/1.ico
  • .rsrc/1033/MANIFEST/1
  • .rsrc_1
  • .text
  • CERTIFICATE
  • [0]
  • $_113_/Tbccint/Multi/$_13_/SetupIcon.ico
  • $_113_/Tbccint/Multi/$_13_/UninstallerUI.exe
    .exe windows:5 windows x86 arch:x86

    be41bf7b8cc010b614bd36bbca606973


    Code Sign

    Headers

    Imports

    Sections

  • .data
  • .rdata
  • .reloc
  • .rsrc/0/version.txt
  • .rsrc/1033/DIALOG/105
  • .rsrc/1033/DIALOG/106
  • .rsrc/1033/DIALOG/111
  • .rsrc/1033/GROUP_ICON/103
  • .rsrc/1033/ICON/1.ico
  • .rsrc/1033/MANIFEST/1
  • .rsrc_1
  • .text
  • CERTIFICATE
  • [0]
  • $_127_
  • $_245_/$_245_/$_250_
    .dll regsvr32 windows:5 windows x86 arch:x86

    c5170c87bb9e0f4a5d227d9c543b0676


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_47_
    .dll regsvr32 windows:5 windows x86 arch:x86

    52c9dddfb1d6497132c338a22ba3787e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_59_
    .dll regsvr32 windows:5 windows x86 arch:x86

    148ef0fdc946707c59b33fca026fb54e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_63_
    .exe windows:5 windows x86 arch:x86

    7b25d62fac6a93a74552bdc3dd699b98


    Code Sign

    Headers

    Imports

    Sections

  • $_64_
    .exe windows:5 windows x86 arch:x86

    7b25d62fac6a93a74552bdc3dd699b98


    Code Sign

    Headers

    Imports

    Sections

  • $_68_
    .dll windows:5 windows x86 arch:x86

    65fe4d71be75e757f7c3fc7f51ceea9b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_69_
    .dll windows:5 windows x86 arch:x86

    af29243a09af42773b04e6dff27fba02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_70_
    .dll windows:5 windows x64 arch:x64

    3a44621760b04fca07d1739a443a199f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_71_
    .dll windows:6 windows x86 arch:x86

    69e48d0f88e508d867865306d28a465c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_72_
    .dll windows:6 windows x64 arch:x64

    0128fd8c9dd22c678e9f61d4212b3634


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_84_
    .dll regsvr32 windows:5 windows x86 arch:x86

    52c9dddfb1d6497132c338a22ba3787e


    Code Sign

    Headers

    Imports

    Exports

    Sections