General

  • Target: 03597759d5e4eb4218a6e6ce955f2ded_JaffaCakes118
  • Size: 5.6MB
  • MD5: 03597759d5e4eb4218a6e6ce955f2ded
  • SHA1: 18a686c4aa05116bc3984bb22dbf5811307b056b
  • SHA256: 232d68366f96ec9c3e3d9c61902c4ec5fbb2f8c229359aaad7330941f96ed62f
  • SHA512: d3eb9701d4efb53db8e888585758c0f5b813103ef06056770d8b63e86a8b99eb946d78d74efb4d9104f59dd0cd8a1f03446b68475b4c6fe211d20827cf055c81
  • SSDEEP: 98304:qbqkk6GWrY2FLByXLNPSnl+veMiiC9jxV8fog1vg6TAJ+yn5bRlvjMdnU4xQybzy:kEG82FLqL9nfC9j89T8+y5bPvjM9FAP

Score
3/10

Malware Config

Signatures

  • Unsigned PE (3 IoCs): checks for missing Authenticode signature.
  • NSIS installer (2 IoCs)

Files

  • 03597759d5e4eb4218a6e6ce955f2ded_JaffaCakes118 (.rar)
  • E-crack 1.0/E-crack 1.0.exe (.exe; windows:4 windows x86 arch:x86)
    7fa974366048f9c551ef45714595665e
  • $PLUGINSDIR/System.dll (.dll; windows:4 windows x86 arch:x86)
    2017f2acbdaa42ab3e4adeb8b4c37e7b
  • $PLUGINSDIR/nsDialogs.dll (.dll; windows:4 windows x86 arch:x86)
  • $TEMP/A2828762/c1028292.bin
  • $TEMP/A2828762/c1065726
  • $TEMP/A2828762/htm/images/bg-office-1.gif (.gif)
  • $TEMP/A2828762/htm/images/bg-office-1.psd
  • $TEMP/A2828762/htm/images/bg-office-2.png (.png)
  • $TEMP/A2828762/htm/images/bg-office-2.psd
  • $TEMP/A2828762/htm/images/bg-office-3.png (.png)
  • $TEMP/A2828762/htm/images/bg-office.gif (.gif)
  • $TEMP/A2828762/htm/images/bg-office.png (.png)
  • $TEMP/A2828762/htm/images/bg-office.psd
  • $TEMP/A2828762/htm/images/bramus/Thumbs.db
  • $TEMP/A2828762/htm/images/bramus/percentImage.gif (.gif)
  • $TEMP/A2828762/htm/images/bramus/percentImage.png (.png)
  • $TEMP/A2828762/htm/images/bramus/percentImage_back.png (.png)
  • $TEMP/A2828762/htm/images/btn-bg-active.png (.png)
  • $TEMP/A2828762/htm/images/btn-bg.png (.png)
  • $TEMP/A2828762/htm/images/icons/add.gif (.gif)
  • $TEMP/A2828762/htm/images/icons/empty.gif (.gif)
  • $TEMP/A2828762/htm/images/icons/fill.gif (.gif)
  • $TEMP/A2828762/htm/images/icons/get.gif (.gif)
  • $TEMP/A2828762/htm/images/icons/minus.gif (.gif)
  • $TEMP/A2828762/htm/images/icons/set.gif (.gif)
  • $TEMP/A2828762/htm/images/top.png (.png)
  • $TEMP/A2828762/htm/js/bramus/jsProgressBarHandler.js
  • $TEMP/A2828762/htm/js/prototype/prototype.js
  • $TEMP/A2828762/htm/page.html
  • $TEMP/A2828762/htm/page2.html
  • $TEMP/A2828762/htm/page3.html
  • $TEMP/A2828762/htm/page4.html
  • $TEMP/A2828762/htm/style.css
  • $TEMP/A2828762/htm/Áåçèìåíè-1.png (.png)
  • $TEMP/A2828762/k1030977.bin
  • $TEMP/A2828762/n1039203.bin
  • $TEMP/A2828762/p1033328.bin
  • $TEMP/A2828762/q1008790.bin
  • $TEMP/A2828762/s1021495.bin
  • VK Gaming 2.1/VK Gaming 2.1.exe
  • VK Gaming 2.1/libeay32.dll
  • VK Gaming 2.1/msvcr71.dll
  • VK Gaming 2.1/ssleay32.dll
  • E-crack 1.0/Readme.txt