General

  • Target

    050f702b7002a2958d9e67bf8bce5231_JaffaCakes118

  • Size

    507KB

  • MD5

    050f702b7002a2958d9e67bf8bce5231

  • SHA1

    20c47e8ab873773ffc6b2faf20df3d4eec55d4ce

  • SHA256

    251a6ef2099031a00e66b7fafb2334b55f792c93c70aa349d2c0ffdd3479b567

  • SHA512

    bd228fae96cbf5ab8b0f336e565128bf40b181b2874768630d6871425b584b29c67a9fe9c3cd547b8c1377bd3a52ddc85a8dfd84ac4f91d59c57167fe7ff9ac9

  • SSDEEP

    12288:sul7z4mCQwCaodo0dZfg8bvPIOfBaYCKOKphlCegQeEcfKm4Xy:sulQmCYaCvrrIO5aqOKnlCepe5P4Xy

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 050f702b7002a2958d9e67bf8bce5231_JaffaCakes118
    .rar
  • Setup_ystacc_1.2.1.4753.exe
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    f835ad7f9363dc017c6826af3baa9002


  • Updater.exe
    .exe windows:4 windows x86 arch:x86

    58a05af1f50c85eb602426794f76110a


  • cert/ca.crt
  • cert/netpas.crt
  • cert/netpas.key
  • driver/drv_install.exe
    .exe windows:5 windows x86 arch:x86

    575a28d688d159a394f4aab4da2ed819


  • driver/netpas.inf
  • driver/netpas.sys
    .sys windows:5 windows x86 arch:x86

    9575da27abd5b9fe071f159fd636143c


  • driver/verf_adpt.exe
    .exe windows:4 windows x86 arch:x86

    ce1850e3fe309e983fbfa8eb50a1f5d5


  • license_tianying.txt
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    18bc6fa81e19f21156316b1ae696ed6b


  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    2db813254ea8b4d2a92d703ecb659f39


  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    f835ad7f9363dc017c6826af3baa9002


  • ystacc.exe
    .exe windows:4 windows x86 arch:x86

    739be0ed80d3a60a6a86ed8fbcb7c355


  • 新云软件.url
    .url