General

  • Target: 69d445073c9946ca0ae6e869e6d1e45e_JaffaCakes118
  • Size: 10.7MB
  • MD5: 69d445073c9946ca0ae6e869e6d1e45e
  • SHA1: d5562c06eae2c3452854b5e995fb366fd6886d10
  • SHA256: 1ab7b5aa280179b9f9550489c61512cbfd23219d31bbcbc9955340573323fd2e
  • SHA512: a76abdd626b06a81f6f38623951dc29743718a5425389d49696661f0f9442221f78cd82af243485cf9dd5bc4b0fe9c2b8de78d6b53d32298e2761c2eaab493e3
  • SSDEEP: 196608:iggGvkwt2HUK1hNQ7eB3cKyiF4KyfvHDIdlsiQTaTiuspSJHAkhMv87:iq9KIeBBFQ7ldnjkhMvY

Score

  • 10/10
  • upx

Signatures

  • Nirsoft (2 IoCs)
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (9 IoCs)

    Checks for missing Authenticode signature.

Files

  • 69d445073c9946ca0ae6e869e6d1e45e_JaffaCakes118
    .rar
  • SS Tool [Extract]/Applications/.DS_Store
  • SS Tool [Extract]/Applications/Bucky Roberts 3.3.exe
    .exe windows:6 windows x86 arch:x86
    MD5: 9628b2e02eea6802a14a9b40d63a13e4
    Headers · Imports · Sections

  • SS Tool [Extract]/Applications/CheatDetector.exe
    .exe windows:6 windows x86 arch:x86
    MD5: 387cb122236106878264b8bd5726c39f
    Headers · Imports · Sections

  • SS Tool [Extract]/Applications/Everything.exe
    .exe windows:5 windows x86 arch:x86
    MD5: 32f3282581436269b3a75b6675fe3e08
    Headers · Imports · Sections

  • $PLUGINSDIR/Everything/Everything.exe
    .exe windows:4 windows x86 arch:x86
    MD5: 36f7bdb939da4f07fd0938ab7ec6425f
    Headers · Imports · Sections

  • $PLUGINSDIR/Everything/License.txt
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86
    MD5: cd90e33ffbc335413a25300c682c83df
    Headers · Imports · Exports · Sections

  • $PLUGINSDIR/InstallOptions.ini
  • $PLUGINSDIR/InstallOptions2.ini
  • $PLUGINSDIR/LangDLL.dll
    .dll windows:5 windows x86 arch:x86
    MD5: e981c0ab92cb1f191bb5e23392e14796
    Headers · Imports · Exports · Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86
    MD5: 039bcbc605477e8e87ec550c2e60e748
    Headers · Imports · Exports · Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • SS Tool [Extract]/Applications/JDGui.jar
    .jar
  • SS Tool [Extract]/Applications/ProcessHacker.exe
    .exe windows:1 windows x86 arch:x86
    Code Sign · Headers · Sections

  • SS Tool [Extract]/Applications/Schematica Reach Detector.exe
    .exe windows:4 windows x86 arch:x86
    MD5: f34d5f2d4577ed6d9ceec516c1f5a744
    Headers · Imports · Sections

  • SS Tool [Extract]/Applications/USBDeview.cfg
  • SS Tool [Extract]/Applications/USBDeview.exe
    .exe windows:4 windows x86 arch:x86
    Code Sign · Headers · Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86
    Headers · Sections

  • SS Tool [Extract]/Applications/Xray Pack Test.jar
    .jar
  • SS Tool [Extract]/LastActivityViewer/LastActivityView.cfg
  • SS Tool [Extract]/LastActivityViewer/LastActivityView.chm
    .chm
  • SS Tool [Extract]/LastActivityViewer/LastActivityView.exe
    .exe windows:4 windows x86 arch:x86
    MD5: ab20f67dd9cc010927fd2c5aec0539cd
    Code Sign · Headers · Imports · Sections

  • SS Tool [Extract]/LastActivityViewer/readme.txt
  • SS Tool [Extract]/Shortcuts/Prefetch.lnk
    .lnk
  • SS Tool [Extract]/Shortcuts/RECYCLE BIN.lnk
    .lnk
  • SS Tool [Extract]/Shortcuts/Roaming.lnk
    .lnk
  • SS Tool [Extract]/Shortcuts/Windows PowerShell.lnk
    .lnk
  • SS Tool [Extract]/Websites/Demon Web.url
    .url
  • SS Tool [Extract]/Websites/Drek Web.url
    .url
  • SS Tool [Extract]/Websites/Indigo Web.url
    .url
  • SS Tool [Extract]/Websites/Vape Web.url
    .url