Overview

overview

7

Static

static

3

8f4a820f91...18.exe

windows7-x64

7

8f4a820f91...18.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows7-x64

3

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...il.dll

windows7-x64

3

$PLUGINSDI...il.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$TEMP/IL M...ar.dll

windows7-x64

3

$TEMP/IL M...ar.dll

windows10-2004-x64

3

MiniHostModular.exe

windows7-x64

3

MiniHostModular.exe

windows10-2004-x64

3

MiniHostMo...64.exe

windows7-x64

3

MiniHostMo...64.exe

windows10-2004-x64

3

Plugin/VST...X).dll

windows7-x64

3

Plugin/VST...X).dll

windows10-2004-x64

3

Plugin/VST...ar.dll

windows7-x64

3

Plugin/VST...ar.dll

windows10-2004-x64

3

Plugin/VST...X).dll

windows7-x64

1

Plugin/VST...X).dll

windows10-2004-x64

1

Plugin/VST...ar.dll

windows7-x64

1

Plugin/VST...ar.dll

windows10-2004-x64

1

uninstall.exe

windows7-x64

7

uninstall.exe

windows10-2004-x64

7

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8f4a820f91b3a8a78ed23b99ca4941c9_JaffaCakes118

  • Size

    20.6MB

  • MD5

    8f4a820f91b3a8a78ed23b99ca4941c9

  • SHA1

    539e7bdff618c31f4f8cdea66e085ebbe62b8d7d

  • SHA256

    dc512518df998bc93616857bba8c24c4489b2ddd5eb64fb927ab79cab8f019f4

  • SHA512

    251d26be26541c3d2eb1e6cb5c070dcae72ccc379efc1fb6a60f0596d47a7907bedc2fff33a8fe76478c5aaaf43fe5add01ec6b9c8a1caf9d04598de66bbe8f9

  • SSDEEP

    393216:N7n6xYAIi4NTCtwfuexnkT0cTHGsS51tVw9Avhbqapd8mA/nb1CWrBFet/Zng0Jt:Nj6Y3TKwf5iJmsyfVhhPMb1BgZzV

Score
3/10

Malware Config

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 8f4a820f91b3a8a78ed23b99ca4941c9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/AccessControl.dll
    .dll windows:4 windows x86 arch:x86

    ed83f419402bc3b83a08e3aaf8b5b5b7


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ILInstallUtil.dll
    .dll windows:5 windows x86 arch:x86

    f54089062a794946c82cd9c08d60bc3d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    afa8e526425f3585465337467d0b5909


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioA.ini
  • $PLUGINSDIR/ioDirQuestion.ini
  • $PLUGINSDIR/ioGotoWebPage.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/IL Minihost Modular.dll
    .dll windows:5 windows x86 arch:x86

    7e92a195b67101bd983fbaf5e7b1ac5f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • MiniHostModular.exe
    .exe windows:5 windows x86 arch:x86

    686d04fd0999c7f929b3075e35d4a444


    Code Sign

    Headers

    Imports

    Sections

  • MiniHostModular_x64.exe
    .exe windows:5 windows x64 arch:x64

    104a58bf4134a6711b577d6e2bd48500


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Plugin/VST 32bit/IL Minihost Modular (FX).dll
    .dll windows:5 windows x86 arch:x86

    7e92a195b67101bd983fbaf5e7b1ac5f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Plugin/VST 32bit/IL Minihost Modular.dll
    .dll windows:5 windows x86 arch:x86

    7e92a195b67101bd983fbaf5e7b1ac5f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Plugin/VST 64bit/IL Minihost Modular (FX).dll
    .dll windows:5 windows x64 arch:x64

    836dcec105904e8f202fd356cbd822e1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Plugin/VST 64bit/IL Minihost Modular.dll
    .dll windows:5 windows x64 arch:x64

    836dcec105904e8f202fd356cbd822e1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ILUninstall.dll
    .dll windows:5 windows x86 arch:x86

    e467a585796dc48fbb4492ddfcbde1aa


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • uninstall.fud