Overview

overview

10

Static

static

10

155绿色�...��.url

windows7-x64

1

155绿色�...��.url

windows10-2004-x64

1

Connectify...er.exe

windows7-x64

7

Connectify...er.exe

windows10-2004-x64

7

$PLUGINSDI...lp.dll

windows7-x64

1

$PLUGINSDI...lp.dll

windows10-2004-x64

1

$PLUGINSDI...SC.dll

windows7-x64

3

$PLUGINSDI...SC.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$TEMP/Conn...wn.exe

windows7-x64

3

$TEMP/Conn...wn.exe

windows10-2004-x64

3

$TEMP/wifi.dll

windows7-x64

1

$TEMP/wifi.dll

windows10-2004-x64

1

BuildProps.dll

windows7-x64

1

BuildProps.dll

windows10-2004-x64

1

ConnUPnP.dll

windows7-x64

1

ConnUPnP.dll

windows10-2004-x64

1

Connectify.exe

windows7-x64

1

Connectify.exe

windows10-2004-x64

6

ConnectifyNAT.dll

windows7-x64

1

ConnectifyNAT.dll

windows10-2004-x64

1

Connectify...es.exe

windows7-x64

1

Connectify...es.exe

windows10-2004-x64

1

Connectifyd.exe

windows7-x64

1

Connectifyd.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10de35a72f05fd40a075993d0c1378b0_JaffaCakes118

  • Size

    2.2MB

  • MD5

    10de35a72f05fd40a075993d0c1378b0

  • SHA1

    15cc57ebdd406a42f489e23440792c0cec0d3ef0

  • SHA256

    ba090f00dec7afbd561670d2a345193fe2d8c10688aa3b5c73972918d1a55a4a

  • SHA512

    ca5f5fa96a2c57e51b441ca70302d195dbb7af25cf068289f27ba5583e113db4d8c76f2343e8f4f4de89588e9d71fae1b34188cee120eb9c1c5d3f6ac8dc41d6

  • SSDEEP

    49152:csT/ZVknzPhWewNK497iok1BN4VTF07mbJbvvNZT:csTBVm5iQ4Nrk1BN8F0iZFZT

Score
10/10
ploutus

Malware Config

Signatures

  • Detected Ploutus loader 1 IoCs
  • Ploutus family
    ploutus
  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 10de35a72f05fd40a075993d0c1378b0_JaffaCakes118
    .rar
  • 155绿色软件站.url
    .url
  • ConnectifyInstaller.exe
    .exe windows:4 windows x86 arch:x86

    dfb06052e74b26a42b0e490bd1c07959


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/OCSetupHlp.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    0615854a8bf9998cbbbcc756d6e6d4bf


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SimpleSC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    d78ca16597d32a4413a1ca1794041785


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


    Headers

    Imports

    Exports

    Sections

  • $TEMP/ConnectifyShutdown.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/wifi.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • BuildProps.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • ConnUPnP.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Connectify.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • Connectify.exe.config
  • ConnectifyNAT.dll
    .dll windows:5 windows x86 arch:x86

    675f4c21e3bc18a8b1c8d9b3908805a0


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ConnectifyNetServices.exe
    .exe windows:5 windows x86 arch:x86

    5c9a7c42314bfcf982d918ee6b0cb0c3


    Code Sign

    Headers

    Imports

    Sections

  • Connectifyd.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Code Sign

    Headers

    Imports

    Sections

  • Connectifyd.exe.config
  • DriverLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • HardwareHelperLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • HtmlAgilityPack.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Interop.NETCONLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Interop.NETWORKLIST.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Interop.NetFwTypeLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Interop.SHDocVw.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Ionic.Zip.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • UPnP.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • Uninstall.exe.nsis
  • WCN-UFD/AUTORUN.INF
  • WCN-UFD/SMRTNTKY/MessageB.txt
  • WCN-UFD/SMRTNTKY/fcw.ico
  • WCN-UFD/setupSNK.exe
    .exe windows:6 windows x86 arch:x86

    f33d1aaa7748aac42f8b1bfe46c5bd4d


    Headers

    Imports

    Sections

  • WPSLib.dll
    .dll windows:5 windows x86 arch:x86

    38c4c38395ad5357ba42c880eab2eaff


    Code Sign

    Headers

    Imports

    Sections

  • connectifynat.l4c
  • drivers/amd64/connctfy.cat
  • drivers/amd64/connctfy.inf
  • drivers/amd64/connctfy.sys
    .sys windows:5 windows x64 arch:x64

    47741601a8d417ed3dee154e7b640d25


    Code Sign

    Headers

    Imports

    Sections

  • drivers/amd64/connctfy_m.inf
  • drivers/amd64/snetcfg.exe
    .exe windows:5 windows x64 arch:x64

    cef93da515744014629bc14ba0ac6191


    Headers

    Imports

    Sections

  • drivers/x86/connctfy.cat
  • drivers/x86/connctfy.inf
  • drivers/x86/connctfy.sys
    .sys windows:5 windows x86 arch:x86

    64277759856db01af6510c7d40f82086


    Code Sign

    Headers

    Imports

    Sections

  • drivers/x86/connctfy_m.inf
  • drivers/x86/snetcfg.exe
    .exe windows:5 windows x86 arch:x86

    d6ae4c79da3020a39c8e06ed18543c45


    Headers

    Imports

    Sections

  • gma.Windows.Firewall.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • install-driver-amd64.bat
  • install-driver-x86.bat
  • io.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • log4cxx.dll
    .dll windows:5 windows x86 arch:x86

    b5b218837ee2088b39158732524b0c94


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • log4net.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections

  • logs/logs.txt
  • ndisapi.dll
    .dll windows:4 windows x86 arch:x86

    8d71c681d609622894a03eef29b735ce


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • source/ManagedWifi/Interop.cs
  • source/ManagedWifi/ManagedWifi.csproj
  • source/ManagedWifi/Properties/AssemblyInfo.cs
  • source/ManagedWifi/WlanApi.cs
    .vbs
  • source/ManagedWifi/app.config
  • source/ManagedWifi/license.txt
  • source/dualserver/DualServer.cpp
  • source/dualserver/DualServer.h
  • source/dualserver/gpl-2.0.txt
  • source/dualserver/makefile
  • start_service.exe
    .exe windows:4 windows x86 arch:x86

    1c042238f43557c055fca8642de8a074


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/SimpleSC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


    Headers

    Imports

    Exports

    Sections

  • uninstall-driver-amd64.bat
  • uninstall-driver-x86.bat
  • wifi.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Code Sign

    Headers

    Imports

    Sections