General

  • Target

    9aa4561d1e5b65ecaffb2103f45736d5_JaffaCakes118

  • Size

    344KB

  • MD5

    9aa4561d1e5b65ecaffb2103f45736d5

  • SHA1

    45a9a900e0ac15d88eafef8625c75f3be9d1cf4f

  • SHA256

    234a9e6d169185293b68e8c37a3b8971acdb90b6be05d6e837adf2a7d8245f9d

  • SHA512

    e902518b667c724a191d511474f905fa7eeabd4341da1d1a1fa1d2c7a16ff2c74556f0873e8643a3ab8c3acfe9d0c31361ee01cce9ca98b5ab972a0e5bbf0829

  • SSDEEP

    6144:+bUTp1nN+FIMmShM+eB6KEzRa3pPBzGCX6VCyKHpanXh4uD3:+I3NGIMmS8cbRuX6OpaX9

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9aa4561d1e5b65ecaffb2103f45736d5_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898



  • $PLUGINSDIR/01_1435776792865.bmp
  • $PLUGINSDIR/05_1435776799225.bmp
  • $PLUGINSDIR/Install_LA_MX_1435773998052.bmp
  • $PLUGINSDIR/RR_1435779268221.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/TBC.dll
    .dll windows:5 windows x86 arch:x86

    b849bbef6db4bd5d3c2ee3dae22cc540



  • $PLUGINSDIR/cancel_SPA_1435774238308.bmp
  • $PLUGINSDIR/cancel_SPA_1435779790021.bmp
  • $PLUGINSDIR/cleanup_SPA_140x36_1435774233093.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    58da96f4c774d946620f1d9e7be93b20



  • $PLUGINSDIR/oops_exclamation_pt_1435773989483.bmp
  • $PLUGINSDIR/t8bprtct.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    95cf83a10236a8bd2ce8b632973eb995

