General

  • Target

    01c5e67d4feb5d96972edb451830157b_JaffaCakes118

  • Size

    3.5MB

  • MD5

    01c5e67d4feb5d96972edb451830157b

  • SHA1

    079ef61f1b6a0f028dab22e9225b03f1be423fff

  • SHA256

    a0c21ce63bb6969f0ee10ffd0edbcf97323136b27842adebdd79d63508298bb6

  • SHA512

    239e6ba66d2b71958de75f1c6a0fe2491c9d3d33e9b5f8583053a8ec0a9315b81d342557a8589a874805ad6a1998342bed020324ce9143b9524b11c7b694b979

  • SSDEEP

    98304:8VcP08QLVDwAyWjK/FYRDHsQT2+MzkLAtYrCW8kl:gcPZsV0WjcFYRHsQCNkUY3

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • 01c5e67d4feb5d96972edb451830157b_JaffaCakes118
    .rar
  • setup.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • FreeName.exe
    .exe windows:4 windows x86 arch:x86


  • names.dll
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


  • 新云软件.url
    .url