General

  • Target

    6e9bee606de3796673a8c1b2855cb9f2_JaffaCakes118

  • Size

    29.4MB

  • MD5

    6e9bee606de3796673a8c1b2855cb9f2

  • SHA1

    9c160c12fd9738572733bd53ff8385feb64f1469

  • SHA256

    183f6d3cf733bf536b127a367ace2946670ca6590c4957b30b62e2038993b80b

  • SHA512

    1db7cfc1ecf2a563975204f68afb1aea94bb934ee5dd030bf36d89d3518e88d1234957368e77b2541e36d6ffca0d1823d62fe8363b3fd5442f7de24041ef213b

  • SSDEEP

    786432:w6bpI/kO3SmgoVrTYcIGJhNL1ZMkG2aTLrp8ZB183uXZpL2w:uzSSrTYCRjq/rptw

Score
3/10


Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 6e9bee606de3796673a8c1b2855cb9f2_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b



  • $PLUGINSDIR/FileInfo.dll
    .dll windows:5 windows x86 arch:x86

    8a323b382692f8fdc340c0b10b95dc98



  • $PLUGINSDIR/RCWidgetPlugin.dll
    .dll windows:4 windows x86 arch:x86

    c5021a6b990dc93d269b65980ec7c537



  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748



  • $PLUGINSDIR/modern-header.bmp
  • $SYSDIR/2345Pinyin.ime
    .dll windows:5 windows x86 arch:x86

    3019cac8cd2eda0ee68e85145875286a



  • 2345DirectUI.dll
  • 2345Pinyin.ime
    .dll windows:5 windows x86 arch:x86

    3019cac8cd2eda0ee68e85145875286a



  • 2345PinyinConfig.exe
  • 2345PinyinExtract.dll
  • 2345PinyinInstall.exe
  • 2345PinyinSkinUtil.exe
  • 2345PinyinSvc.exe
  • 2345PinyinSymbol.exe
  • 2345PinyinUpdate.exe
  • 2345PinyinWizard.exe