General

  • Target

    402092fc8335b11d12d5f5746b24740e_JaffaCakes118

  • Size

    334KB

  • MD5

    402092fc8335b11d12d5f5746b24740e

  • SHA1

    9a2c4efc593b088a4dbc7b91a1bc63fe5abb44cb

  • SHA256

    16bb86358add1be17b175b88ab40af0baf67492e10b94604a4716f11c81633fd

  • SHA512

    c067927588948c691b209f2046b96cab82829ef2d3170d891ef41184eb4eb1e4560449e5f6d2f787be87ea70a6436e08661cbf153f6923b31a07dc65d2c1df79

  • SSDEEP

    6144:TbUTp18ZMzDk2M+eB6KEzRa3pPBoN+X6V9/neMCLobnXh4C:TIsQDicbR38X6n/neMCLobXR

Score
3/10

Signatures

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 402092fc8335b11d12d5f5746b24740e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898



  • $PLUGINSDIR/01_MI_1428341377301.bmp
  • $PLUGINSDIR/05_MI_1428341391250.bmp
  • $PLUGINSDIR/Declinebutton-new-for-MIP_1435603356048.bmp
  • $PLUGINSDIR/GU_1435603335894.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/TBC.dll
    .dll windows:5 windows x86 arch:x86

    b849bbef6db4bd5d3c2ee3dae22cc540



  • $PLUGINSDIR/button_image_1428341404785.bmp
  • $PLUGINSDIR/cancel_english_mip_1435602788929.bmp
  • $PLUGINSDIR/cleanup_ENG_140x36_1435603351296.bmp
  • $PLUGINSDIR/error_image_1428341399761.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    58da96f4c774d946620f1d9e7be93b20



  • $PLUGINSDIR/t8bprtct.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    95cf83a10236a8bd2ce8b632973eb995

