General

  • Target

    7b219760ef21db1912738e5ae7927967_JaffaCakes118

  • Size

    12.5MB

  • MD5

    7b219760ef21db1912738e5ae7927967

  • SHA1

    92fff6ad7f99ff4c07735e1aeac3ee83e70e4f0a

  • SHA256

    d1132df2f76ce5a708ccf760732953f04f7922aecb2b86e9a5b1dd35494da72c

  • SHA512

    391296f4e9b108210fa620acf166b602f931a460a9e010a5f4b5056fec3744d8b9afeb48a84a3663d60a35fc7cebe1326fb19004e0aeac417c59ce0bc3eb4c21

  • SSDEEP

    196608:bGwncZBiQktIdybz9Yw7GF6GWhAwU4FJtYAZVb9Ek/727svBgcghWz+7ehQcOVL:9ncZrtG7yW2whF/LVb9Ek/72MgD0ha

Score
9/10

Signatures

  • CryptOne packer 3 IoCs

    Detects CryptOne packer defined in NCC blogpost.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 7b219760ef21db1912738e5ae7927967_JaffaCakes118
    .7z
  • 360Base64.dll
    .dll windows:5 windows x64 arch:x64

    672aff41cc00cec7d368ab6ea0ed99a9

  • 7za.dll
    .dll windows:5 windows x86 arch:x86

    cabe2cf79743f3d457d3373c7a9b84a7

  • DumpCreator_x64.exe
    .exe windows:5 windows x64 arch:x64

    f188be8f1b2d8c8f30d3fcf574699b99

  • DumpUper.exe
    .exe windows:5 windows x86 arch:x86

    b66bde4a080aa6ec96976a5e6639ea7e

  • FileList.xml
  • GameMemoryOpt.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    8a124a03900a89308686a02d8c4f83c4

  • GameMemoryOpt_x64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    90c6453cf4a781b3c96ed6529e10e6ba

  • LDSGameHall/DefApkIcon.ico
  • LDSGameHall/LDSGameHall.exe
    .exe windows:5 windows x86 arch:x86

    dd468611f4741dc8d73be8fbfe161e6a

  • LDSGamePlayerPK/LudashiEmulator.dll
    .dll windows:5 windows x86 arch:x86

    65ccfcf594f79609a4c459bc006428e8

  • LDSGameVer.dll
    .dll windows:5 windows x86 arch:x86

  • Plugin/ConfigCenter.dll
    .dll windows:5 windows x86 arch:x86

    47b4feb9045b53f12f4b51f8dcbeff61

  • Plugin/ConfigCenterStub.dll
    .dll windows:5 windows x86 arch:x86

    db660c52164e236f8125a5df2ebc2e37

  • Plugin/PopMgr.tpi
    .dll windows:5 windows x86 arch:x86

    a982a1a11b39e92ea45e9eab81c9ee79

  • Plugin/PopMgrStub.dll
    .dll windows:5 windows x86 arch:x86

    1a9414b1ace9b7c9f1af919af898b14a

  • Plugin/RunExtention.tpi
    .dll windows:5 windows x86 arch:x86

    92fe7cc4f99d85fb330cbadcc48c0eee

  • Plugin/ShellExt_x64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    fc05d269668f54398ba775f64ad1d6cf

  • Plugin/ShellExt_x86.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    1a728811ebfbc93ad14d565af5172fc8

  • Safelive.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    ac8a8ba5b6140ddb2f61fc08ec94a816

  • SiteUIHelper.dll
    .dll windows:5 windows x86 arch:x86

    c41c697eb8475c10d4461922f43fe6d1

  • Sites.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    723e0242e8d4b67f9451c30c5cf8eb51

  • SoftMgr/SoftMgr.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    049c8cede5569762394e20687639bbea

  • Tools/AdbWinApi.dll
    .dll windows:6 windows x86 arch:x86

    c64cac39044626770353879245ea25e4

  • Tools/AdbWinUsbApi.dll
    .dll windows:6 windows x86 arch:x86

    fda9f9f5f569ddd0dbf3ad8a275a2eb8

  • Tools/Ie/LdsIeView.exe
    .exe windows:5 windows x86 arch:x86

    b5de84f9430a0159042d8d150c875828

  • Tools/LdsWebGameViewer.exe
    .exe windows:5 windows x86 arch:x86

    767650a492b352cb5d6b39cf90c18541

  • Tools/LdsWebView.dll
    .dll windows:5 windows x86 arch:x86

    57ae26f038f4400d94266cdb97295247

  • Tools/aapt.exe
    .exe windows:4 windows x86 arch:x86

    ef1d7a26810428a5601881853d8c24e5

  • Tools/adb.exe
    .exe windows:4 windows x86 arch:x86

    879e62881b452fa51161345afb04a6de

  • Tools/info.exe
    .exe windows:5 windows x86 arch:x86

    86cd432e9622d543b64a2d3793ec3965

  • UpdateUI.uiz
    .zip
  • Res/Close.png
    .png
  • Res/LittleLogo.png
    .png
  • Res/dlg_shadow.png
    .png
  • Res/fore_bg.png
    .png
  • Res/msg_icon_download.png
    .png
  • Res/msg_icon_info.png
    .png
  • Res/msg_icon_ok.png
    .png
  • Res/no.png
    .png
  • Res/updateInfo.html
    .html
  • Res/yes.png
    .png
  • UpdateFail.xml
    .xml
  • UpdateHint.xml
  • UpdateProgress.xml
    .xml
  • Utils/ApkInfoUI.uiz
    .zip
  • MainUI.xml
    .xml
  • theme/close.png
    .png
  • theme/iconshadow.png
    .png
  • theme/iconshadow2.png
    .png
  • theme/nohint.png
    .png
  • theme/openapk.png
    .png
  • theme/opendir.png
    .png
  • theme/setting.png
    .png
  • theme/shadow.png
    .png
  • theme/test.png
    .png
  • theme/test1.png
    .png
  • Utils/ApkToolUI.uiz
    .zip
  • MainUI.xml
    .xml
  • theme/blue_btn.png
    .png
  • theme/checkbox.png
    .png
  • theme/close.png
    .png
  • theme/default.png
    .png
  • theme/dlg_shadow.png
    .png
  • theme/icon.png
    .png
  • theme/iconshadow.png
    .png
  • theme/min.png
    .png
  • theme/progress_bk.png
    .png
  • theme/progress_front.png
    .png
  • theme/shadow.png
    .png
  • Utils/ArCtrl.dll
    .dll windows:5 windows x86 arch:x86

    a334e6aeaddeff589826e9445ee25bcd

  • Utils/CheckHp.dll
    .dll windows:5 windows x86 arch:x86

    b9ac7c8f6e46895b44f8b940f39f1db5

  • Utils/ComputerZ12.dll
    .dll windows:5 windows x86 arch:x86

    328d197e6498a0a0dad3c727cba1d04e

  • Utils/ComputerZ12_x64.dll
    .dll windows:5 windows x64 arch:x64

    aac48a21646871618e434a0343cf016d

  • Utils/ComputerZ14.exe
    .exe windows:5 windows x86 arch:x86

    9d69bb52361ff9cb43d0ded03f0d12af

  • Utils/DisPatchMini.dll
    .dll windows:5 windows x86 arch:x86

    939f2bd53cca9c799e50bd30a8f8d0ae

  • Utils/GameMasterHelper.exe
    .exe windows:5 windows x86 arch:x86

    26bd2aeae8c43e1dba95324f678cfd56

  • Utils/InstExt.dll
    .dll windows:5 windows x86 arch:x86

    3b6f41edda2d84416e64c4854a476a57

  • Utils/LDSBasic.dll
    .dll windows:5 windows x86 arch:x86

    bd4f0be22152de0b60673a3887f45600

  • Utils/LdsBridge.exe
    .exe windows:5 windows x86 arch:x86

    7a7a393d19ee201f04ec9f1ee1c76197

  • Utils/LdsVolumeCtrl.dll
    .dll windows:5 windows x86 arch:x86

    0c74d4c63e4ba40d5befbc87c1b8c101

  • Utils/MNQApkTool.exe
    .exe windows:5 windows x86 arch:x86

    8243418a5b18c72d876c2d7a66c944ec

  • Utils/MNQAppMon.dll
    .dll windows:5 windows x86 arch:x86

    60cf56068c852d8184e7d7a6fbb2a519

  • Utils/MiniNews.exe
    .exe windows:5 windows x86 arch:x86

    d239aa7e4567ce2e3f26eec74c445a41

  • Utils/Pop.dll
    .dll windows:5 windows x86 arch:x86

    a7517ab9bc4c479e6a5032436e4d3cad

  • Utils/PopEx.dll
    .dll windows:5 windows x86 arch:x86

    cd737eb147db3be754ddbedb8df3df15

  • Utils/Pop_BiZhi.exe
    .exe windows:5 windows x86 arch:x86

    db345598a9620b68e6fdd23522a8bff7

  • Utils/RunDll.exe
    .exe windows:5 windows x86 arch:x86

    a5d3d84cf9ddf2cd2ce721a80538ca9a

  • Utils/SoulDancer.exe
    .exe windows:5 windows x86 arch:x86

    79e6bc575f20a95d354de2a12428c062

  • Utils/SpDrv_amd64.sys
    .sys windows:6 windows x64 arch:x64

    c6434308e60ac1b892f486cb49aac279

  • Utils/SpDrv_x86.sys
    .sys windows:6 windows x86 arch:x86

    885c6516fb7acd24ef5c3688b8e1d0f4

  • Utils/SpSvc.dll
    .dll windows:5 windows x86 arch:x86

    a0e3e13fa6c98a024ff0f180cb186998

  • Utils/WndPlugin.dll
    .dll windows:5 windows x86 arch:x86

    25a1b4cc79eb3613a8bef5fae9fd90d2

  • Utils/guardhp.exe
    .exe windows:5 windows x86 arch:x86

    db4d5d831c9533634445e4ba12458bd6

  • game/360GameIdentify.dll
    .dll windows:5 windows x86 arch:x86

    68b61e90123cc6324c41cd628360a482

  • game/360WebIdentify.dll
    .dll windows:5 windows x86 arch:x86

    7da561014b6bb606bcd7e0a47c4cd070

  • game/gameidentify.dat
  • game/gameidentify_inc.dat
  • game/widef.dat
  • ipc/ipcservice.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    c3434ac5478d434f6907bac7f5e65cc8

  • uninst.exe
    .exe windows:5 windows x86 arch:x86

    c8774d51371a3abedf2f4987b7d23625

  • update.exe
    .exe windows:5 windows x86 arch:x86

    06475a7f08c90c0411b67834b52a9e0c

  • updatecfg.ini