General

  • Target

    5ea3b72de6c5095693390b3199ce3bb0_JaffaCakes118

  • Size

    343KB

  • MD5

    5ea3b72de6c5095693390b3199ce3bb0

  • SHA1

    46feeebb40ec5c18764298dbde6e5a5b457b9c67

  • SHA256

    25d047f9cdec866880797c914131f8e34259046d9b9363bc07241937cfcb38fe

  • SHA512

    b23a136976ad596ea451f059fbc7b5b9b104a1df0ae42c79666230051f5fd10bdbd5ae3be274fd05612c75b77705abb3bfea706598d956721e45d3ff41023a67

  • SSDEEP

    6144:2W+7+eMqMJWJWMEHvpRzphnp4Ra5YlYhHs4U9wTADXabmKPgKdzWruMRAjVCCc:2R5MJNMkx3Bp4Ra5IYhM4AwAmbxxengm

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 5ea3b72de6c5095693390b3199ce3bb0_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e221f4f7d36469d53810a4b5f9fc8966



  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    ec5fddc407d2b4e0a16fc4d786afc555



  • FancyZoom.js
    .js
  • PleaseWait.gif
    .gif
  • Satellite1308129870.png
    .png
  • about
    .html .js polyglot
  • apple-touch-icon-114.png
    .png
  • blogid=321536463764.html
    .html .js polyglot
  • contact-us
    .js
  • dahqr0hYIu6FLUHt.c2Z
  • de
    .html .js polyglot
  • icon-brain.png
    .png
  • jquery.meanmenu.js
    .js
  • layout3.css
  • photos_3-977.jpg
    .jpg
  • social-googleplus.png
    .png
  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    e221f4f7d36469d53810a4b5f9fc8966



  • $PLUGINSDIR/modern-header.bmp
  • v-bar.jpg
    .jpg
  • videos1818946919.xml
    .xml