General

  • Target

    5c351937d1f7dd0e8b9309127770f44c_JaffaCakes118

  • Size

    329KB

  • MD5

    5c351937d1f7dd0e8b9309127770f44c

  • SHA1

    d27d7ae3492db9c08bf2d3f93e24faba2483b401

  • SHA256

    05fc23636c547c9344349d117c0fe0c640e2601b122490501723799630616390

  • SHA512

    091efa4c6a7928ee17049644ae5edb2e1be607da9dc728ddcf3391115796807fa35c7ecaeb4814c403c2e43e046be769e9156a8740fda6553613d952ed25bfdc

  • SSDEEP

    6144:dbUTp1htyAsZM+eB6KEzRa3pPBBZX6VnGxRnXh4To:dIx0AsUcbReZX6pGxRXko

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5c351937d1f7dd0e8b9309127770f44c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898



  • $PLUGINSDIR/01_MI_1430405450554.bmp
  • $PLUGINSDIR/05_MI_1428513633929.bmp
  • $PLUGINSDIR/BXV_protector-copy_1435607053249.bmp
  • $PLUGINSDIR/Error---Oops_1435615465245.bmp
  • $PLUGINSDIR/Install_ENG_1435615485061.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/TBC.dll
    .dll windows:5 windows x86 arch:x86

    b849bbef6db4bd5d3c2ee3dae22cc540



  • $PLUGINSDIR/cancel_english_mip_1435615490247.bmp
  • $PLUGINSDIR/cleanup_ENG_140x36_1435615608865.bmp
  • $PLUGINSDIR/decline-button-ENG--new-for-MIP_1435615652360.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    58da96f4c774d946620f1d9e7be93b20



  • $PLUGINSDIR/t8bprtct.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    95cf83a10236a8bd2ce8b632973eb995

