General

  • Target

    a3ee109853283ee4ca55e9c723c01faa_JaffaCakes118

  • Size

    22.9MB

  • MD5

    a3ee109853283ee4ca55e9c723c01faa

  • SHA1

    0881f78a6e00d93abf9809312374457acc9d29bd

  • SHA256

    c11a1fc644404e6787dd138de8c5afb052ac1d3a780af84dc631eb1375a7d20c

  • SHA512

    1d6be6cb8c522913c2b546b35af9eedd44d619d8c3528627811907378e9c53bfd6d4677c6d5b4eac4d4c6109c87d1777713e86433b33eb567ebd5b1d5baff22d

  • SSDEEP

    393216:fPvVaTnERWCZPWzxihwFu4Dz0p5xj32XaEXmlELNc7YBXKS2MWY0Vyrf5rWsOB:3vVaTn4PWzxtFucQp5x3EXmQc7Y9KS2t

Score
3/10

Malware Config

Signatures

  • One or more HTTP URLs in PDF identified

    Detects presence of HTTP links in PDF files.

  • Unsigned PE (7 IoCs)

    Checks for missing Authenticode signature.

Files

  • a3ee109853283ee4ca55e9c723c01faa_JaffaCakes118
    .cab
  • CHMHelpFile
    .chm
  • CustomActions64
    .dll windows:5 windows x64 arch:x64

    945d1a0a6def8add7b2b53f554b9fc6c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • CustomActions86
    .dll windows:5 windows x86 arch:x86

    6ed0ae7e0c592a79955e9693aa516a6e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • DifxApiModule64
    .dll windows:6 windows x64 arch:x64

    fc6cd2a0e8ffb9e4e3028c8d57d848b9


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • DifxApiModule86
    .dll windows:6 windows x86 arch:x86

    2dc2b1b70b7adbaedb29cfdf731f8fa7


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • EULA
    .rtf
  • PDFHelpFile
    .pdf
    • http://blogs.msdn.com/b/jensenh/archive/2008/03/12/the-story-of-the-ribbon.aspx

    • http://emcosoftware.com

    • http://emcosoftware.com/support

    • http://msdn.microsoft.com/en-us/library/aa370905%28v=vs.85%29.aspx

    • http://msdn.microsoft.com/en-us/library/dn742393.aspx

    • http://msdn.microsoft.com/en-us/library/dn742486.aspx

    • https://emcosoftware.com

    • https://emcosoftware.com/msi-package-builder/download

    • https://emcosoftware.com/msi-package-builder/feature-list

  • WebPageURL
  • WixCandle
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • WixCandleConfig
    .xml
  • WixDarice
    .msi
  • WixLight
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • WixLightConfig
    .xml
  • WixMergemod
    .dll regsvr32 windows:6 windows x86 arch:x86

    20a37b531a7f5cd8fc39a83880dc64ef


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • WixMergemodCub
    .msi .vbs polyglot
  • WixNetFxExtension
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WixUtilExtension
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WixWconsole
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WixWinterop
    .dll windows:5 windows x86 arch:x86

    2408b50e23d1160bf3c3b2ae9eb308cc


    Headers

    Imports

    Exports

    Sections

  • Wixdll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • WrapPackagesInstaller64
    .exe windows:5 windows x64 arch:x64

    83588674321670b7a127a66a84d9fed9


    Code Sign

    Headers

    Imports

    Sections

  • WrapPackagesInstaller86
    .exe windows:5 windows x86 arch:x86

    8e526e43aeb4c0649cf606659103cd6b


    Code Sign

    Headers

    Imports

    Sections