Overview

overview

4

Static

static

3

5b4d4e5e9c...18.exe

windows7-x64

4

5b4d4e5e9c...18.exe

windows10-2004-x64

4

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...is.dll

windows7-x64

3

$PLUGINSDI...is.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

1

$PLUGINSDIR/inetc.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/kwun...er.exe

windows7-x64

3

$TEMP/kwun...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5b4d4e5e9cd2c1d4518e823c6f62f92b_JaffaCakes118

  • Size

    666KB

  • MD5

    5b4d4e5e9cd2c1d4518e823c6f62f92b

  • SHA1

    fda9f7d1e8305d3187137afd53dbddfb2b40d52f

  • SHA256

    b29ad0aa376658bc8d2343aac56e35f9e7ffbdd1e6110aef19beaeb6a8a51b31

  • SHA512

    8f322691cf46fb33c7754c9f9092daf94dca031c4a2c8fd565cbb269dd7e415a1643b25444e8ded4c39e08f1555bbfc464a880b31a2bceebd21e7044479b7ba6

  • SSDEEP

    12288:q1H2Bws6vFhIExmyCDU99V78xLupdZYJfVL9N3kOiqhBK0wr9+Am1ID:qyuLay+W9sufZ+L9NUfq9G9ZmqD

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 5b4d4e5e9cd2c1d4518e823c6f62f92b_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/KuWoNsis_new.dll
    .dll windows:5 windows x86 arch:x86

    f7bdf84c2df6c97befad5bdb81175b23


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KwMusicNsis.dll
    .dll windows:5 windows x86 arch:x86

    d720c1fe9f9034edd57dcfc83df1eadf


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:5 windows x86 arch:x86

    812688d08c0d4a81ed86daeebcf15c55


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ShellLink.dll
    .dll windows:5 windows x86 arch:x86

    50112fdd20200a51dbedeae8f1f33cdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:6 windows x86 arch:x86

    3907333ed0258fd761f45695b76b5c4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    25a5640a89eb79c57f60a91d10524b18


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kwuninsthelper.exe
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections