Overview

overview

4

Static

static

3

9e90a6443d...18.exe

windows7-x64

4

9e90a6443d...18.exe

windows10-2004-x64

4

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...is.dll

windows7-x64

3

$PLUGINSDI...is.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

1

$PLUGINSDIR/inetc.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/kwun...er.exe

windows7-x64

3

$TEMP/kwun...er.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    9e90a6443d87c9ded3243bd5ba8299f1_JaffaCakes118

  • Size

    625KB

  • MD5

    9e90a6443d87c9ded3243bd5ba8299f1

  • SHA1

    a0efb9ba23709b52d2dd30eb4f24412fbae5b405

  • SHA256

    4282f8c80b9b02ef0583ab9f69f1e5a829d6bf22f7224eb5cad59ce01e337410

  • SHA512

    0546489c05451abd3f755cd0dc0164ff105e61e6c559f19beae5612b8644939b99a01ff76b34cff3b5e42ef9ff11fdfea5ef1ce5cda0b9b2cff5ef0a757f50e9

  • SSDEEP

    12288:Z1HOBws6vFhIEeYlHyf/DbxB4RI/5llTLOuzdUSrz17z:ZiuLvlHyHZBR/5/G/qp

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 9e90a6443d87c9ded3243bd5ba8299f1_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/KuWoNsis_new.dll
    .dll windows:5 windows x86 arch:x86

    8cc197da719dfd6bd5e496af12ba45af


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KwMusicNsis.dll
    .dll windows:5 windows x86 arch:x86

    6e199b4525d6490362a487f1766a55a6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:5 windows x86 arch:x86

    812688d08c0d4a81ed86daeebcf15c55


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ShellLink.dll
    .dll windows:5 windows x86 arch:x86

    50112fdd20200a51dbedeae8f1f33cdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:6 windows x86 arch:x86

    3907333ed0258fd761f45695b76b5c4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    25a5640a89eb79c57f60a91d10524b18


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kwuninsthelper.exe
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections