General

  • Target

    690c89ef69c176f31c2010e75c365ac5_JaffaCakes118

  • Size

    261KB

  • MD5

    690c89ef69c176f31c2010e75c365ac5

  • SHA1

    071f75c641136d35c9bb9e15fd7c14453fa4bdf2

  • SHA256

    3c3c4b39f9355765dc75b7a893bbe52469f83afb9e5d609b7b74d9edfa415609

  • SHA512

    1e40552d9b3001eb1551c26780d4ff1cfa23acd1e8f59fa9faaf63b160cd0aa87f15ac6f048337374f35b1bbbecb2ecd2f6d1f0a733263de3b554505073d8226

  • SSDEEP

    6144:wW+7+eMX3XA7enW055Uqj61NSPHomhwYqt5:wR0XAQB55UqjtPHdmDt5

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 690c89ef69c176f31c2010e75c365ac5_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e221f4f7d36469d53810a4b5f9fc8966



  • $1/$OUTDIR/sftp_plugin/tc_sftp_uninstaller.exe
    .exe windows:4 windows x86 arch:x86

    e221f4f7d36469d53810a4b5f9fc8966



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b233fd95d297fbba0563f3f6eae042e0



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • 2611067143.html
    .html
  • FRM1678109908.jpg
    .jpg
  • PzGuNVcm.ARJT
  • aMV2H8tRMVnACQCA.TBX
  • confirmClose.gif
    .gif
  • contact-domains-org
    .html .js polyglot
  • home.js
    .js
  • home1099482986.html
  • home1259317828.html
  • index1449123078.html
    .html .js polyglot