General

  • Target

    a354f1dec101798d15052fc10008f9f0_JaffaCakes118

  • Size

    2.6MB

  • MD5

    a354f1dec101798d15052fc10008f9f0

  • SHA1

    e1d02f9cff9047815912f111aa3be07dc79d341f

  • SHA256

    eb25a842053c71527656aaf759dd64d333ea0e66f0e237d716340ec5bdb073ab

  • SHA512

    cc86a9ca6fcea338aa9cd672bf7e2427a33180fffde6350ad752e74554bea1f505e838c4daa96a45fdec938d7aefb497e483d568078991ea55dccd44438f37c7

  • SSDEEP

    49152:M8MM9HBQlZE7MArHoyDRkQb8CuMeSGO7xLLNPpJ6Qmub1F1ZblhwLRA+asFO6asY:M8MM9HBQFQHph4CutpOlLhBcQDbNZblN

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • a354f1dec101798d15052fc10008f9f0_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ShellExecAsUser.dll
    .dll windows:6 windows x86 arch:x86

    74eb4c5d129e78f52ccfa28e2d5c44c2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    80469f6834e579db68a646d49780b9d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UpdHelper.dll
    .dll windows:6 windows x86 arch:x86

    d1462a27a934e82a7d14fef4385f692a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/md5dll.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    ec5fddc407d2b4e0a16fc4d786afc555


    Headers

    Imports

    Exports

    Sections

  • $TEMP/$0.nsis
  • $_43_/Modules/CmlProc.dll
    .dll windows:6 windows x86 arch:x86

    4b56bfb1791cb484d1b86fbcd632e905


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/Modules/InSes.dll
    .dll windows:6 windows x86 arch:x86

    da50dcede762476e94f766d98da78b88


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/Modules/ManXec.dll
    .dll windows:6 windows x86 arch:x86

    3a68ec1026ade049f784dbebe3a83cfb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/RtHelp.exe
    .exe windows:6 windows x86 arch:x86

    b992edd3a85c4b71f2e4ffb360f4cd6d


    Code Sign

    Headers

    Imports

    Sections

  • $_43_/msvcp110.dll
    .dll windows:6 windows x86 arch:x86

    098e9eddf1a24b3fd9465ee992148a02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $_43_/msvcr110.dll
    .dll windows:6 windows x86 arch:x86

    e057a95f8936f77238b048f253956b3b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Games Bot.exe.config
    .xml
  • Modules/7z.dll
    .dll windows:4 windows x86 arch:x86

    71fc45db7a81ce236f432a828a4e8fcd


    Headers

    Imports

    Exports

    Sections

  • Modules/CmdProc.dll
    .dll windows:6 windows x86 arch:x86

    69031a4fc4a8def4c5c5667b9568a51d


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/CmlProc.dll
    .dll windows:6 windows x86 arch:x86

    4b56bfb1791cb484d1b86fbcd632e905


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/CmnUtls.dll
    .dll windows:6 windows x86 arch:x86

    aa8001def291fadf9d0cedae945797af


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/InSes.dll
    .dll windows:6 windows x86 arch:x86

    da50dcede762476e94f766d98da78b88


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/ManXec.dll
    .dll windows:6 windows x86 arch:x86

    3a68ec1026ade049f784dbebe3a83cfb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/NavSupp.dll
    .dll windows:6 windows x86 arch:x86

    01d7f9c204cd57846bd4c12bbd9800e9


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/PrfIns.dll
    .dll windows:6 windows x86 arch:x86

    6a467be532b93556a3cdece00f2437c2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WbSes.dll
    .dll windows:6 windows x86 arch:x86

    e2ea5011da0e4513a86e8041efe6c97c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WblSupp.dll
    .dll windows:6 windows x86 arch:x86

    b24fbd5b9665209307cad63d89c97c06


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Modules/WdcMan.dll
    .dll windows:6 windows x86 arch:x86

    2baf22696165027cd6004f35d8d634a0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • System.Data.SQLite.dll
    .dll windows:5 windows x86 arch:x86

    8067a5631cafa1803a58b72f826f7911


    Headers

    Imports

    Exports

    Sections

  • gbRunner.exe
    .exe windows:6 windows x86 arch:x86

    b992edd3a85c4b71f2e4ffb360f4cd6d


    Code Sign

    Headers

    Imports

    Sections

  • msvcp110.dll
    .dll windows:6 windows x86 arch:x86

    098e9eddf1a24b3fd9465ee992148a02


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • msvcr110.dll
    .dll windows:6 windows x86 arch:x86

    e057a95f8936f77238b048f253956b3b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • uninstall.exe.nsis