Overview

overview

4

Static

static

3

bd68e020d7...18.exe

windows7-x64

4

bd68e020d7...18.exe

windows10-2004-x64

4

$PLUGINSDI...ew.dll

windows7-x64

3

$PLUGINSDI...ew.dll

windows10-2004-x64

3

$PLUGINSDI...is.dll

windows7-x64

3

$PLUGINSDI...is.dll

windows10-2004-x64

3

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...nk.dll

windows7-x64

3

$PLUGINSDI...nk.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

1

$PLUGINSDIR/inetc.dll

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/kwun...er.exe

windows7-x64

3

$TEMP/kwun...er.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    bd68e020d796278d3683f75a0d76f52d_JaffaCakes118

  • Size

    858KB

  • MD5

    bd68e020d796278d3683f75a0d76f52d

  • SHA1

    7645095d4e50a9484f640347e3a6e3f0d53ec1d5

  • SHA256

    c55732168517ea7a91d294844d2e32da201bb31e95ec484f68f29fa5efb5e08b

  • SHA512

    558bc4ecad5fed3d4527a26fd021232248e5147b8c19a798b510c33f1126604f32e5bb590b1ca4ec564fb8aec18d282a2272519563534a9bfe8734e14c9faeef

  • SSDEEP

    12288:g1HZBFqMkpHzHzmHdFFagEEDC111RmqmqmqmNXAXAXAEBYYAoVHzHacsimn75jRL:gZc75jRrLN2fnTaKRnw4i5EAaQd

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • bd68e020d796278d3683f75a0d76f52d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/KuWoNsis_new.dll
    .dll windows:5 windows x86 arch:x86

    f7bdf84c2df6c97befad5bdb81175b23


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KwMusicNsis.dll
    .dll windows:5 windows x86 arch:x86

    d720c1fe9f9034edd57dcfc83df1eadf


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:5 windows x86 arch:x86

    812688d08c0d4a81ed86daeebcf15c55


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ShellLink.dll
    .dll windows:5 windows x86 arch:x86

    50112fdd20200a51dbedeae8f1f33cdb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:6 windows x86 arch:x86

    3907333ed0258fd761f45695b76b5c4e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    25a5640a89eb79c57f60a91d10524b18


    Headers

    Imports

    Exports

    Sections

  • $TEMP/kwuninsthelper.exe
    .exe windows:4 windows x86 arch:x86

    ee90b300161ad563b7387f4d64789dc2


    Code Sign

    Headers

    Imports

    Sections