General

  • Target

    9614004943301efe7415bf4f0ec07f80_JaffaCakes118

  • Size

    2.8MB

  • MD5

    9614004943301efe7415bf4f0ec07f80

  • SHA1

    955d158826d5cb62156d5cbd961476e0168d1f06

  • SHA256

    854884a55d69892f428e15d7b0df5515e8e548732adc228e40accf83df017a0f

  • SHA512

    3c79e35fca4b3e9d38d47b902a7174c976f3d3889bd24fa10999d7f56215c99b80521f7b8a8ae1d873d0f307b7c4dba36d7b8f7476d6a0174e8e7d0aa276ef69

  • SSDEEP

    49152:H5hlKMgTUqV278xt6bfjtruyxazU8/i8D2EyWJH7/iQQfQZYBD0eYI+HZW5n9K2R:H5hlKMgTUqV278xt6bfjtruyxazU8/in

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 9614004943301efe7415bf4f0ec07f80_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08

    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:5 windows x86 arch:x86

    e981c0ab92cb1f191bb5e23392e14796

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    45d25ca52c312b2254c60dbcb30342d1

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:5 windows x86 arch:x86

    8700d0ebbb41c81ea52718af1ab70a93

    Headers

    Imports

    Exports

    Sections

  • $PROGRAMFILES/SystemHealer/$APPDATA/System Healer/Languages/English.xml
  • $PROGRAMFILES/SystemHealer/$PROGRAMFILES/SystemHealer/RescueMonitor.exe
    .exe windows:5 windows x86 arch:x86

    18dccd5048daf0e15f0884b6be69bbb6

    Code Sign

    Headers

    Imports

    Sections

  • $PROGRAMFILES/SystemHealer/HealerCheckout.exe
    .exe windows:5 windows x86 arch:x86

    849aaf6b8ffadd9a075f3c6b80e9e685

    Code Sign

    Headers

    Imports

    Sections

  • $PROGRAMFILES/SystemHealer/HealerConsole.exe
    .exe windows:5 windows x86 arch:x86

    511a8da31c49a9dffeb77c814dcdaf22

    Code Sign

    Headers

    Imports

    Sections

  • $R9