Overview

overview

10

Static

static

3

76468fca3a...18.exe

windows7-x64

7

76468fca3a...18.exe

windows10-2004-x64

7

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

GLWorker.exe

windows7-x64

10

GLWorker.exe

windows10-2004-x64

10

PictoWords.exe

windows7-x64

10

PictoWords.exe

windows10-2004-x64

10

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    76468fca3a1a12f2a7852162bd7bc7d0_JaffaCakes118

  • Size

    15.8MB

  • MD5

    76468fca3a1a12f2a7852162bd7bc7d0

  • SHA1

    d439bfee804626bcf987cf4f8a1d9cec3abf9fec

  • SHA256

    6abf9fcec5883b6e4d70810e60bd2d8a133a1a62bc28ca5d17dcc6f45d35214a

  • SHA512

    c4608fa71abf1cd7d287e706890df7ce89312af0cde18c00e4dbc0f6f9aa6bccf9323ac975ac520769f6353eb634127214f7122fecacde6ace8dd1adcf7c5d0a

  • SSDEEP

    393216:Jah5U+kSRi+EeHy6VvG9pUKFSb4l8a+0RvGSdHUUMD2:MASJVe9pN6sb5vGwUDC

Score
3/10

Malware Config

Signatures

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 76468fca3a1a12f2a7852162bd7bc7d0_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    e160ef8e55bb9d162da4e266afd9eef3


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Dialer.dll
    .dll windows:4 windows x86 arch:x86

    de27b2cda885c04c790bdc36087040a5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3fe69ff2de04834c67a82c79fa52ebe2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    17fb6a8708b9c0bb2d5d8687870eb415


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsisdl.dll
    .dll windows:4 windows x86 arch:x86

    35098e8775f91723e90a28745ef6495b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/pogotall.bmp
  • $PLUGINSDIR/pogowide.bmp
  • EULA.txt
  • GLWorker.exe
    .exe windows:5 windows x86 arch:x86

    daf574f3040b477b1ee15e12a0c73af8


    Code Sign

    Headers

    Imports

    Sections

  • PictoWords.ifn
    .exe windows:4 windows x86 arch:x86

    daf574f3040b477b1ee15e12a0c73af8


    Code Sign

    Headers

    Imports

    Sections

  • Tik_Games_eula.txt
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    e160ef8e55bb9d162da4e266afd9eef3


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3fe69ff2de04834c67a82c79fa52ebe2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/pogotall.bmp
  • $PLUGINSDIR/pogowide.bmp
  • game.gcf
  • glcfg.date
  • icon.ico
  • readme.txt
  • stdat.dat
  • uninst.ico