Overview

overview

4

Static

static

3

6e6f38ac01...18.exe

windows7-x64

4

6e6f38ac01...18.exe

windows10-2004-x64

4

$PLUGINSDI...on.dll

windows7-x64

1

$PLUGINSDI...on.dll

windows10-2004-x64

1

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.exe

windows7-x64

1

$R0.exe

windows10-2004-x64

1

$SYSDIR/Dr...mu.sys

windows7-x64

1

$SYSDIR/Dr...mu.sys

windows10-2004-x64

1

devcon.exe

windows7-x64

1

devcon.exe

windows10-2004-x64

1

unicows.dll

windows7-x64

1

unicows.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    6e6f38ac0147046d1f0053b2e81a4f17_JaffaCakes118

  • Size

    3.9MB

  • MD5

    6e6f38ac0147046d1f0053b2e81a4f17

  • SHA1

    16658070ad7b3b0f7c017c5ccc883d49c5c47635

  • SHA256

    037acfb14c28a3dacdf8ffd978e2efdfc9aaedaff72b9f25bea7b4442b4dc392

  • SHA512

    ea00afacc70ca3be056ae127decd9448bf2c3f5b3fe444ae0beea0dd63856ced9828e4b3b9ea91a47917b5169aeee5fba266ac3dc4c98a7e56a759d7f2b6f0aa

  • SSDEEP

    98304:hPhabRbWwirjiiBXSMeHK5BkPxTOMILYF:hPhObWw8+KkJT5Ok

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 6e6f38ac0147046d1f0053b2e81a4f17_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Fusion.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $R0
    .exe windows:5 windows x86 arch:x86

    378f278b2954ddd0a8075126427f6165


    Headers

    Imports

    Sections

  • $SYSDIR/Drivers/$0
    .sys windows:5 windows x86 arch:x86

    add367af14ecc2bab5e7c1046174c5f9


    Code Sign

    Headers

    Imports

    Sections

  • $SYSDIR/Drivers/scdemu.sys
    .sys windows:5 windows x86 arch:x86

    add367af14ecc2bab5e7c1046174c5f9


    Code Sign

    Headers

    Imports

    Sections

  • devcon.exe
    .exe windows:5 windows x86 arch:x86

    378f278b2954ddd0a8075126427f6165


    Headers

    Imports

    Sections

  • unicows.dll
    .dll windows:5 windows x86 arch:x86

    628730441f2453f40c61ce661f08e0ca


    Code Sign

    Headers

    Imports

    Exports

    Sections