General

  • Target

    50f0889e1b72316ac38fcd41e667da22_JaffaCakes118

  • Size

    387KB

  • MD5

    50f0889e1b72316ac38fcd41e667da22

  • SHA1

    3b12c09887303bfe42b30559fe22381184cfcb48

  • SHA256

    d2778835fde0fcfab3f1a69cef61e1c677c275ff0d57e0051c59d6af9d7114ce

  • SHA512

    80e855e11bff0ac20cbc81c51a9e8fd7392073eb9dd0fa3bdfb448c5ecd91755c5d7fbf1e13b267ccc0cca1989a09ade94cc4a7ce69bda1b34b7ecb3947baff0

  • SSDEEP

    6144:FUj/wAQQlZIsAaiPLRQKu38GWQD31OzUDRrjrBEEsaxW4MujFbXPAuy08CO/:Fq+QlaNdQKgFlFrOEsa8Luthyt/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 50f0889e1b72316ac38fcd41e667da22_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e2a592076b17ef8bfb48b7e03965a3fc



  • $TEMP/.text.x86.getpcthunk.cx
  • $TEMP/12.opends60.dll
  • $TEMP/778
  • $TEMP/BeauxSparable.dll
    .dll windows:4 windows x86 arch:x86

    65fb20b34d9ef29c8ca63fed4ede844a



  • $TEMP/MakeZipExe.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • $TEMP/Nelson
  • $TEMP/VsMacroHierarchyLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa



  • $TEMP/developdisconnectmobapps02.gif
    .gif
  • $TEMP/org.gnome.desktop.session.gschema.xml
    .xml
  • $TEMP/palmld.h
  • $TEMP/pragmatics.exe
    .exe windows:4 windows x86 arch:x86

    f66f0dbc01d1f72b188b357b9043fb75



  • $TEMP/precedingquery.cs
  • $TEMP/resToResX.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign


  • $TEMP/scarrowshapes.split-arrow.png
    .png
  • $TEMP/standardbar.xml
    .xml