General

  • Target

    38a1e4ef30e966839934c22872a0a299_JaffaCakes118

  • Size

    2.6MB

  • MD5

    38a1e4ef30e966839934c22872a0a299

  • SHA1

    c2a5829bf728a44200806708898ae86729b5f6ba

  • SHA256

    f0dfd42f7ca8bde26cdfc1061000d45829b7e3f074c4902146379dbed80cae4d

  • SHA512

    b742625525a5e95ed781524b4cb69f5a539f79511ff11a51c6e7a17fe7db2387137e34321e4a488c6ec7de26f4752bf0b2bd315d6933de21a7e8e07bc2a6ba79

  • SSDEEP

    49152:08MMFHBQlZE7MArHoyDRkQb8CuMeSGO7xLLNPpJ6Qmub1F1ZblhwLRA+asFO6asx:08MMFHBQFQHph4CutpOlLhBcQDbNZbls

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects a file using the ACProtect protector. Caveat: this PEiD-derived byte signature frequently co-fires with the UPX detection below on UPX-packed binaries, so on its own it is low-confidence evidence of ACProtect unless the unpacked code confirms it.

  • UPX packed file 1 IoCs

    Detects executables packed with the open-source UPX packer or a modified UPX build (UPX0/UPX1 section names, "UPX!" header marker).

  • Unsigned PE 9 IoCs

    Flags PE files whose security data directory carries no Authenticode certificate table at all; the nine hits correspond to the nine PEs listed below without a Code Sign entry. A Code Sign entry only means a certificate blob is attached, not that the signature verifies.
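
As an added worked example (not part of this report or of the sandbox's own detection rules), the following Python reproduces the two PE-header checks behind the "UPX packed file" and "Unsigned PE" signatures above without any third-party module: it walks the DOS/COFF/optional headers, reads the section table, looks for UPX section names or the "UPX!" marker in the header padding, and reads the size field of the IMAGE_DIRECTORY_ENTRY_SECURITY entry. The sample PE images are constructed in-code (header-only, no real code); the function names are mine.

```python
import struct

SECURITY_DIR = 4              # IMAGE_DIRECTORY_ENTRY_SECURITY: (file offset, size) of the WIN_CERTIFICATE blob
MACHINES = {0x14C: "x86", 0x8664: "x64", 0x1C0: "arm", 0xAA64: "arm64"}

def parse_pe(data: bytes) -> dict:
    """Parse just enough of a PE image for packer and signature triage (no external deps)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsect, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    if magic == 0x10B:        # PE32: NumberOfRvaAndSizes at +92
        nrva_off = opt + 92
    elif magic == 0x20B:      # PE32+: 8-byte ImageBase/stack/heap fields push it to +108
        nrva_off = opt + 108
    else:
        raise ValueError(f"unexpected optional header magic {magic:#x}")
    nrva, = struct.unpack_from("<I", data, nrva_off)
    dirs = [struct.unpack_from("<II", data, nrva_off + 4 + 8 * i) for i in range(nrva)]
    sect_table = opt + opt_size
    sections, first_raw = [], len(data)
    for i in range(nsect):
        entry = sect_table + 40 * i                  # IMAGE_SECTION_HEADER is 40 bytes
        sections.append(data[entry:entry + 8].rstrip(b"\0").decode("latin-1"))
        raw_size, raw_ptr = struct.unpack_from("<II", data, entry + 16)   # SizeOfRawData, PointerToRawData
        if raw_size:
            first_raw = min(first_raw, raw_ptr)
    return {"arch": MACHINES.get(machine, f"{machine:#x}"), "sections": sections,
            "dirs": dirs, "headers": data[:first_raw]}

def is_upx_packed(pe: dict) -> bool:
    """UPX renames sections UPX0/UPX1 and leaves a 'UPX!' marker in the padding before the first raw section."""
    return any(s.startswith("UPX") for s in pe["sections"]) or b"UPX!" in pe["headers"]

def has_certificate_table(pe: dict) -> bool:
    """Zero size in the security directory means no Authenticode blob at all (the 'Unsigned PE' case).
    Non-zero only proves a blob is attached; verifying it is a separate step."""
    if len(pe["dirs"]) <= SECURITY_DIR:
        return False
    _file_offset, size = pe["dirs"][SECURITY_DIR]   # note: this entry holds a file offset, not an RVA
    return size > 0

def triage(data: bytes) -> dict:
    pe = parse_pe(data)
    return {"arch": pe["arch"], "sections": pe["sections"],
            "upx_packed": is_upx_packed(pe), "has_cert_table": has_certificate_table(pe)}

def build_test_pe(section_names, with_cert_table: bool) -> bytes:
    """Constructed sample input: a header-only PE32 image with no real code, enough for the checks above."""
    e_lfanew, nsect = 0x40, len(section_names)
    opt = e_lfanew + 4 + 20
    sect_table = opt + 224                            # PE32 optional header is 224 bytes
    raw_start = sect_table + 40 * nsect + 16          # 16 bytes of padding, where UPX writes its marker
    img = bytearray(raw_start)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, e_lfanew)
    img[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", img, e_lfanew + 4, 0x14C, nsect, 0, 0, 0, 224, 0x0102)
    struct.pack_into("<H", img, opt, 0x10B)           # PE32 magic
    struct.pack_into("<I", img, opt + 92, 16)         # NumberOfRvaAndSizes
    for i, name in enumerate(section_names):
        entry = sect_table + 40 * i
        img[entry:entry + 8] = name.encode().ljust(8, b"\0")
        struct.pack_into("<II", img, entry + 16, 0x200, raw_start)
    if any(n.startswith("UPX") for n in section_names):
        img[sect_table + 40 * nsect:sect_table + 40 * nsect + 4] = b"UPX!"
    raw = b"\0" * 0x200
    cert = b"\0" * 8 if with_cert_table else b""      # placeholder blob: presence only, not a valid signature
    if cert:
        struct.pack_into("<II", img, opt + 96 + 8 * SECURITY_DIR, raw_start + len(raw), len(cert))
    return bytes(img) + raw + cert

if __name__ == "__main__":
    for label, names, signed in (("packed, unsigned", ["UPX0", "UPX1", ".rsrc"], False),
                                 ("plain, cert table present", [".text", ".rdata", ".data"], True)):
        print(label, triage(build_test_pe(names, signed)))
```

Running `triage()` over a real dropped file gives the same two booleans the sandbox rules report. For the files that do carry a certificate table, the check that actually matters is verification against a trusted chain (for example `Get-AuthenticodeSignature` in PowerShell or `signtool verify /pa /v`), which this heuristic deliberately does not attempt.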

Files (the $PLUGINSDIR/ plugins, $TEMP/$0.nsis and uninstall.exe.nsis identify the target as an NSIS installer; the remaining entries are what it drops)

  • 38a1e4ef30e966839934c22872a0a299_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ShellExecAsUser.dll
    .dll windows:6 windows x86 arch:x86

    74eb4c5d129e78f52ccfa28e2d5c44c2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UpdHelper.dll
    .dll windows:6 windows x86 arch:x86

    d1462a27a934e82a7d14fef4385f692a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/md5dll.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    ec5fddc407d2b4e0a16fc4d786afc555


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$0.nsis
  • $_43_/Modules/CmlProc.dll
    .dll windows:6 windows x86 arch:x86

    4b56bfb1791cb484d1b86fbcd632e905


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/Modules/InSes.dll
    .dll windows:6 windows x86 arch:x86

    da50dcede762476e94f766d98da78b88


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/Modules/ManXec.dll
    .dll windows:6 windows x86 arch:x86

    3a68ec1026ade049f784dbebe3a83cfb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/RtHelp.exe
    .exe windows:6 windows x86 arch:x86

    b992edd3a85c4b71f2e4ffb360f4cd6d


    Code Sign

    Headers

    Imports

    Sections

  • $_43_/msvcp110.dll
    .dll windows:6 windows x86 arch:x86

    098e9eddf1a24b3fd9465ee992148a02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/msvcr110.dll
    .dll windows:6 windows x86 arch:x86

    e057a95f8936f77238b048f253956b3b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Games Bot.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • Games Bot.exe.config
    .xml
  • Modules/7z.dll
    .dll windows:4 windows x86 arch:x86

    71fc45db7a81ce236f432a828a4e8fcd


    Headers

    Imports

    Exports

    Sections

  • Modules/CmdProc.dll
    .dll windows:6 windows x86 arch:x86

    69031a4fc4a8def4c5c5667b9568a51d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/CmlProc.dll
    .dll windows:6 windows x86 arch:x86

    4b56bfb1791cb484d1b86fbcd632e905


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/CmnUtls.dll
    .dll windows:6 windows x86 arch:x86

    aa8001def291fadf9d0cedae945797af


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/InSes.dll
    .dll windows:6 windows x86 arch:x86

    da50dcede762476e94f766d98da78b88


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/ManXec.dll
    .dll windows:6 windows x86 arch:x86

    3a68ec1026ade049f784dbebe3a83cfb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/NavSupp.dll
    .dll windows:6 windows x86 arch:x86

    01d7f9c204cd57846bd4c12bbd9800e9


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/PrfIns.dll
    .dll windows:6 windows x86 arch:x86

    6a467be532b93556a3cdece00f2437c2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WbSes.dll
    .dll windows:6 windows x86 arch:x86

    e2ea5011da0e4513a86e8041efe6c97c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WblSupp.dll
    .dll windows:6 windows x86 arch:x86

    b24fbd5b9665209307cad63d89c97c06


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WdcMan.dll
    .dll windows:6 windows x86 arch:x86

    2baf22696165027cd6004f35d8d634a0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • System.Data.SQLite.dll
    .dll windows:5 windows x86 arch:x86

    8067a5631cafa1803a58b72f826f7911


    Headers

    Imports

    Exports

    Sections

  • gbRunner.exe
    .exe windows:6 windows x86 arch:x86

    b992edd3a85c4b71f2e4ffb360f4cd6d (same hash as $_43_/RtHelp.exe above)


    Code Sign

    Headers

    Imports

    Sections

  • msvcp110.dll
    .dll windows:6 windows x86 arch:x86

    098e9eddf1a24b3fd9465ee992148a02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • msvcr110.dll
    .dll windows:6 windows x86 arch:x86

    e057a95f8936f77238b048f253956b3b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninstall.exe.nsis