General

  • Target

    1762b02d557e5419161437498c4f0c99_JaffaCakes118

  • Size

    3.3MB

  • MD5

    1762b02d557e5419161437498c4f0c99

  • SHA1

    af919dfd4236b24400510a1f56ab74ddd036dc35

  • SHA256

    fb7bf0c4a9c019d09f23c4bb949656dda12157fba6197853aa68e146981838b5

  • SHA512

    39645eee43814f6378861141dcf965c1cf6e1e91482d36e4cc9507e9d22f45635526bd1491b52813f2fce054ac917da4d905b7b1969c50e94b74fd61b79c2069

  • SSDEEP

    98304:Xw3iMK/ifWnlps9zwyBubwbrYU1wob45sh22QtUYtM/wnoP5Q:XwSls9zwyw9Up0EJYtMYnaQ

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 14 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 1762b02d557e5419161437498c4f0c99_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    c480ee4d2a64d4a16edee43fdfe35079


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProc.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    ab0d6b61eda9d1dc039b5837f731d965


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ZipDLL.dll
    .dll windows:4 windows x86 arch:x86

    f10b94e3705eae25c7617ba56a648b77


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/pantallatoolbar
  • $PLUGINSDIR/xml.dll
    .dll windows:4 windows x86 arch:x86

    b5ed5b3a951d4443ce56e5453702d536


    Headers

    Imports

    Exports

    Sections

  • $R5/META-INF/manifest.mf
  • $R5/META-INF/zigbert.rsa
  • $R5/META-INF/zigbert.sf
  • $R5/chrome.manifest
  • $R5/chrome/toggleen.jar
    .zip
  • content/ScrollbarBindings.xml
    .xml
  • content/about.xul
    .xml
  • content/aboutTabs.htm
    .html
  • content/alert-bindings.xml
    .xml
  • content/alertAbout.xul
    .xml
  • content/alertMain.xul
    .xml
  • content/alertPreview.xul
    .xml
  • content/alertSettings.xul
    .xml
  • content/autocomplete-menulist.xml
    .js .xml polyglot
  • content/chat-menu-button.xml
    .js .xml polyglot
  • content/chevronDialog.xul
    .js .xml polyglot
  • content/contents.rdf
    .xml
  • content/ctoolbar.js
    .js
  • content/enAddEdit.xul
    .js .xml polyglot
  • content/enConfirm.xul
    .js .xml polyglot
  • content/enSettings.xul
    .js .xml polyglot
  • content/enTestAccount.xul
    .xml
  • content/fbSettings.xul
    .xml
  • content/feed-bindings.xml
    .js .xml polyglot
  • content/gadgets-bindings.xml
    .js .xml polyglot
  • content/manageMenu.xul
    .xml
  • content/multicommunity.xul
    .xml
  • content/multicommunity_detected.xul
    .js .xml polyglot
  • content/multicommunity_download.xul
    .xml
  • content/myStuffError.xul
    .xml
  • content/oldapi/weather_oldapi.xul
    .xml
  • content/options.xul
    .xml
  • content/popup.xul
    .js .xml polyglot
  • content/popup_chat.xul
    .js .xml polyglot
  • content/radio.xml
    .xml
  • content/radio_addEdit.xul
    .js .xml polyglot
  • content/radio_menu.xul
    .xml
  • content/radio_search.xul
    .xml
  • content/radio_volume.xul
    .xml
  • content/toolbarOverlay.xul
    .js .xml polyglot
  • content/toolbarbutton-mirrored-icon.xml
    .js .xml polyglot
  • content/truste.xul
    .xml
  • content/twitter-bindings.xml
    .js .xml polyglot
  • content/uninstall.xul
    .js .xml polyglot
  • content/wait.xul
    .xml
  • content/weather.xul
    .xml
  • content/weatherRTL.xul
    .js .xml polyglot
  • content/welcome.xul
    .xml
  • content/welcomeMacLinux.xul
    .xml
  • content/welcomeRTL.xul
    .xml
  • skin/AOL_load.gif
    .gif
  • skin/about_bg.png
    .png
  • skin/about_icon.png
    .png
  • skin/alert/AboutTitleBarImage.gif
    .gif
  • skin/alert/BottomStrip.gif
    .gif
  • skin/alert/CloseButtonAll.gif
    .gif
  • skin/alert/NextAll.gif
    .gif
  • skin/alert/OptionsTitleBarImage.gif
    .gif
  • skin/alert/PrevAll.gif
    .gif
  • skin/alert/SettingsButtonAll.gif
    .gif
  • skin/alert/TopStrip.gif
    .gif
  • skin/alert/TrayIcon.ico
  • skin/alert/TrayIconAnimated.gif
    .gif
  • skin/alert/TrayIconBlocked.ico
  • skin/alert/about.css
  • skin/alert/aboutAll.gif
    .gif
  • skin/alert/alert.css
  • skin/alert/btn.gif
    .gif
  • skin/alert/btn_dn.gif
    .gif
  • skin/alert/btn_hover.gif
    .gif
  • skin/alert/dot.gif
    .gif
  • skin/alert/faqAll.gif
    .gif
  • skin/alert/feedbackAll.gif
    .gif
  • skin/alert/preview.css
  • skin/alert/privacyAll.gif
    .gif
  • skin/alert/settings.css
  • skin/alert/viewRecentTitleBarImage.gif
    .gif
  • skin/blank.png
    .png
  • skin/block.png
    .png
  • skin/chat/HasUsersOnline.gif
    .gif
  • skin/chevron.png
    .png
  • skin/chevron_rtl.png
    .png
  • skin/contents.rdf
    .xml
  • skin/ebdialogstyle.css
  • skin/ebtoolbarbuttonstyleLinux.css
  • skin/ebtoolbarbuttonstyleMac.css
  • skin/ebtoolbarbuttonstyleWinXP.css
  • skin/ebtoolbarstyle.css
  • skin/email.png
    .png
  • skin/emailnew.png
    .png
  • skin/emailnewsmall.png
    .png
  • skin/enSound.wav
  • skin/expand.png
    .png
  • skin/facebook/component_icon_big.png
    .png
  • skin/facebook/facebook.css
  • skin/facebook/facebook_logo.png
    .png
  • skin/facebook/faq.png
    .png
  • skin/facebook/faq_over.png
    .png
  • skin/facebook/privacy.png
    .png
  • skin/facebook/privacy_over.png
    .png
  • skin/facebook/separator_line.jpg
    .jpg
  • skin/feed.css
  • skin/feedRTL_bg.png
    .png
  • skin/feed_bg.png
    .png
  • skin/feed_comment_all.png
    .png
  • skin/feed_delete_all.png
    .png
  • skin/feed_env_read.png
    .png
  • skin/feed_env_unread.png
    .png
  • skin/feed_read_all.png
    .png
  • skin/feed_refresh_all.png
    .png
  • skin/feed_unread_all.png
    .png
  • skin/floatingToolbar.css
  • skin/gadgets/MyStuff.png
    .png
  • skin/gadgets/MyStuffBlinkAndHighlight.gif
    .gif
  • skin/gadgets/MyStuffHighlight.png
    .png
  • skin/gadgets/chat/Close.gif
    .gif
  • skin/gadgets/chat/CloseHover.gif
    .gif
  • skin/gadgets/chat/ClosePressed.gif
    .gif
  • skin/gadgets/chat/EditDown.gif
    .gif
  • skin/gadgets/chat/EditDownHover.gif
    .gif
  • skin/gadgets/chat/EditDownPressed.gif
    .gif
  • skin/gadgets/chat/EditUp.gif
    .gif
  • skin/gadgets/chat/EditUpHover.gif
    .gif
  • skin/gadgets/chat/EditUpPressed.gif
    .gif
  • skin/gadgets/chat/GadgetWindow.css
  • skin/gadgets/chat/Minimized.gif
    .gif
  • skin/gadgets/chat/MinimizedHover.gif
    .gif
  • skin/gadgets/chat/MinimizedPressed.gif
    .gif
  • skin/gadgets/chat/WindowTop.gif
    .gif
  • skin/gadgets/gadget/Close.gif
    .gif
  • skin/gadgets/gadget/CloseHover.gif
    .gif
  • skin/gadgets/gadget/ClosePressed.gif
    .gif
  • skin/gadgets/gadget/GadgetWindow.css
  • skin/gadgets/gadget/Minimize.png
    .png
  • skin/gadgets/gadget/MinimizeHover.png
    .png
  • skin/gadgets/gadget/MinimizePressed.png
    .png
  • skin/gadgets/gadget/WindowTop.gif
    .gif
  • skin/gadgets/gadget/thumb/bg-shadow-bottom-left.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-bottom-right.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-bottom.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-left.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-right.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-top-left.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-top-right.png
    .png
  • skin/gadgets/gadget/thumb/bg-shadow-top.png
    .png
  • skin/gadgets/gadget/thumb/bg.png
    .png
  • skin/gadgets/gadget/thumb/close.png
    .png
  • skin/gadgets/gadget/thumb/close_hover.png
    .png
  • skin/gadgets/gadget/thumb/close_pressed.png
    .png
  • skin/gadgets/gadget/thumb/hovered-bg.png
    .png
  • skin/gadgets/gadget/thumb/minimized.css
  • skin/go_btn.gif
    .gif
  • skin/go_btnRTL.gif
    .gif
  • skin/highlighter.png
    .png
  • skin/highlighterDisabled.png
    .png
  • skin/highlighterSearchTerm.png
    .png
  • skin/highlighter_chevron.png
    .png
  • skin/loading.gif
    .gif
  • skin/manage.gif
    .gif
  • skin/mc_add_active.png
    .png
  • skin/mc_add_candidate.png
    .png
  • skin/mc_add_flashing.gif
    .gif
  • skin/mc_add_inactive.png
    .png
  • skin/mc_community.png
    .png
  • skin/mc_community_dialog.png
    .png
  • skin/mc_community_dialog_over.png
    .png
  • skin/mc_community_selected.png
    .png
  • skin/mc_community_starred.png
    .png
  • skin/mc_options.png
    .png
  • skin/mc_search.png
    .png
  • skin/mc_tooltip_addTo.gif
    .gif
  • skin/mc_tooltip_addTo_dn.gif
    .gif
  • skin/mc_tooltip_addTo_over.gif
    .gif
  • skin/mc_tooltip_close.gif
    .gif
  • skin/mc_tooltip_close_dn.gif
    .gif
  • skin/mc_tooltip_close_over.gif
    .gif
  • skin/mc_tooltip_next.gif
    .gif
  • skin/mc_tooltip_next_dis.gif
    .gif
  • skin/mc_tooltip_next_dn.gif
    .gif
  • skin/mc_tooltip_next_over.gif
    .gif
  • skin/mc_tooltip_prev.gif
    .gif
  • skin/mc_tooltip_prev_dis.gif
    .gif
  • skin/mc_tooltip_prev_dn.gif
    .gif
  • skin/mc_tooltip_prev_over.gif
    .gif
  • skin/mc_tooltip_separator.gif
    .gif
  • skin/minibrowser.png
    .png
  • skin/multicommunityDialog_bg.png
    .png
  • skin/myGadgets_detect_x.png
    .png
  • skin/myGadgets_detect_x_dn.png
    .png
  • skin/myGadgets_detect_x_hover.png
    .png
  • skin/myStuff/add.png
    .png
  • skin/myStuff/myStuff.css
  • skin/myStuff/options.png
    .png
  • skin/radio/Podcast.png
    .png
  • skin/radio/RadioCombo.gif
    .gif
  • skin/radio/RadioEqualizerLoading.gif
    .gif
  • skin/radio/RadioEqualizerPause.gif
    .gif
  • skin/radio/RadioEqualizerPlay.gif
    .gif
  • skin/radio/RadioEqualizerReal.ico
  • skin/radio/RadioEqualizerSilent.gif
    .gif
  • skin/radio/RadioError.gif
    .gif
  • skin/radio/RadioErrow.ico
  • skin/radio/RadioErrowRTL.ico
  • skin/radio/RadioImgChev.ico
  • skin/radio/RadioMaxi.gif
    .gif
  • skin/radio/RadioMaxi_dn.gif
    .gif
  • skin/radio/RadioMaxi_on.gif
    .gif
  • skin/radio/RadioMini.gif
    .gif
  • skin/radio/RadioMini_dn.gif
    .gif
  • skin/radio/RadioMini_on.gif
    .gif
  • skin/radio/RadioPause.gif
    .gif
  • skin/radio/RadioPauseChev.ico
  • skin/radio/RadioPause_dn.gif
    .gif
  • skin/radio/RadioPause_on.gif
    .gif
  • skin/radio/RadioPlay.gif
    .gif
  • skin/radio/RadioPlayChev.ico
  • skin/radio/RadioPlay_dn.gif
    .gif
  • skin/radio/RadioPlay_on.gif
    .gif
  • skin/radio/RadioSliderBG.gif
    .gif
  • skin/radio/RadioSliderBall.gif
    .gif
  • skin/radio/RadioStop.gif
    .gif
  • skin/radio/RadioStopChev.ico
  • skin/radio/RadioStop_dn.gif
    .gif
  • skin/radio/RadioStop_on.gif
    .gif
  • skin/radio/RadioStrip.gif
    .gif
  • skin/radio/RadioTooltipPlaying.gif
    .gif
  • skin/radio/RadioTooltipStopped.gif
    .gif
  • skin/radio/RadioVolume.gif
    .gif
  • skin/radio/RadioVolume_dn.gif
    .gif
  • skin/radio/RadioVolume_on.gif
    .gif
  • skin/radio/RealLogo.png
    .png
  • skin/radio/WMPLogo.png
    .png
  • skin/radio/default_skin.xml
    .xml
  • skin/radio/defaultskin/RadioImgChev.ico
  • skin/radio/defaultskin/RadioPlayChev.ico
  • skin/radio/defaultskin/RadioStopChev.ico
  • skin/radio/defaultskin/display.gif
    .gif
  • skin/radio/defaultskin/equalizer_buffering.gif
    .gif
  • skin/radio/defaultskin/equalizer_error.gif
    .gif
  • skin/radio/defaultskin/equalizer_playing.gif
    .gif
  • skin/radio/defaultskin/equalizer_stopped.gif
    .gif
  • skin/radio/defaultskin/equalizer_stopped1.gif
    .gif
  • skin/radio/defaultskin/maxi.png
    .png
  • skin/radio/defaultskin/maxi_dn.png
    .png
  • skin/radio/defaultskin/maxi_over.png
    .png
  • skin/radio/defaultskin/minimize.png
    .png
  • skin/radio/defaultskin/minimize_dn.png
    .png
  • skin/radio/defaultskin/minimize_over.png
    .png
  • skin/radio/defaultskin/pause.gif
    .gif
  • skin/radio/defaultskin/pause_dn.gif
    .gif
  • skin/radio/defaultskin/pause_over.gif
    .gif
  • skin/radio/defaultskin/play.gif
    .gif
  • skin/radio/defaultskin/play_dn.gif
    .gif
  • skin/radio/defaultskin/play_over.gif
    .gif
  • skin/radio/defaultskin/slider.gif
    .gif
  • skin/radio/defaultskin/slider_bg.png
    .png
  • skin/radio/defaultskin/slider_dn.gif
    .gif
  • skin/radio/defaultskin/slider_over.gif
    .gif
  • skin/radio/defaultskin/stop.png
    .png
  • skin/radio/defaultskin/stop_dn.png
    .png
  • skin/radio/defaultskin/stop_over.png
    .png
  • skin/radio/defaultskin/vol.gif
    .gif
  • skin/radio/defaultskin/vol_dn.gif
    .gif
  • skin/radio/defaultskin/vol_over.gif
    .gif
  • skin/resize.gif
    .gif
  • skin/scrollbar/down-active.png
    .png
  • skin/scrollbar/down.png
    .png
  • skin/scrollbar/horizontal-background.png
    .png
  • skin/scrollbar/horizontal-gripper.png
    .png
  • skin/scrollbar/horizontal-thumb-end.png
    .png
  • skin/scrollbar/horizontal-thumb-start.png
    .png
  • skin/scrollbar/horizontal-thumb.png
    .png
  • skin/scrollbar/left-active.png
    .png
  • skin/scrollbar/left.png
    .png
  • skin/scrollbar/right-active.png
    .png
  • skin/scrollbar/right.png
    .png
  • skin/scrollbar/slider.gif
    .gif
  • skin/scrollbar/up-active.png
    .png
  • skin/scrollbar/up.png
    .png
  • skin/scrollbar/vertical-background.png
    .png
  • skin/scrollbar/vertical-gripper.png
    .png
  • skin/scrollbar/vertical-thumb-end.png
    .png
  • skin/scrollbar/vertical-thumb-start.png
    .png
  • skin/scrollbar/vertical-thumb.png
    .png
  • skin/scrollbars.css
  • skin/searchBox-suggest.xml
    .js .xml polyglot
  • skin/separator.png
    .png
  • skin/small_arrow.png
    .png
  • skin/small_arrowRTL.png
    .png
  • skin/splitter.ico
  • skin/star.png
    .png
  • skin/truste_about.gif
    .gif
  • skin/truste_welcome.gif
    .gif
  • skin/twitter/twitter.css
  • skin/twitter/twitterRTL_bg.png
    .png
  • skin/twitter/twitter_bg.png
    .png
  • skin/twitter/twitter_chevron.gif
    .gif
  • skin/twitter/twitter_no_img.png
    .png
  • skin/v.png
    .png
  • skin/warning.png
    .png
  • skin/weather.png
    .png
  • skin/weather_bg.png
    .png
  • skin/weather_bg_rtl.png
    .png
  • skin/weather_bullet.png
    .png
  • skin/weather_close.png
    .png
  • skin/weather_close_dn.png
    .png
  • skin/weather_na.png
    .png
  • skin/welcome-rtl/arrow.png
    .png
  • skin/welcome-rtl/bottom.png
    .png
  • skin/welcome-rtl/corner_ld.png
    .png
  • skin/welcome-rtl/corner_lup.png
    .png
  • skin/welcome-rtl/corner_rd.png
    .png
  • skin/welcome-rtl/corner_rup.png
    .png
  • skin/welcome-rtl/emailNotifier.gif
    .gif
  • skin/welcome-rtl/facebook.png
    .png
  • skin/welcome-rtl/grad_dn.png
    .png
  • skin/welcome-rtl/left.png
    .png
  • skin/welcome-rtl/radio.gif
    .gif
  • skin/welcome-rtl/right.png
    .png
  • skin/welcome-rtl/upper_border.png
    .png
  • skin/welcome-rtl/weather.gif
    .gif
  • skin/welcome-rtl/welcomeDialog.css
  • skin/welcome.bmp
  • skin/welcome/arrow.png
    .png
  • skin/welcome/bottom.png
    .png
  • skin/welcome/corner_ld.png
    .png
  • skin/welcome/corner_lup.png
    .png
  • skin/welcome/corner_rd.png
    .png
  • skin/welcome/corner_rup.png
    .png
  • skin/welcome/emailNotifier.gif
    .gif
  • skin/welcome/facebook.png
    .png
  • skin/welcome/grad_dn.png
    .png
  • skin/welcome/left.png
    .png
  • skin/welcome/radio.gif
    .gif
  • skin/welcome/right.png
    .png
  • skin/welcome/upper_border.png
    .png
  • skin/welcome/weather.gif
    .gif
  • skin/welcome/welcomeDialog.css
  • skin/x.png
    .png
  • $R5/components/ConduitAutoCompleteSearch.js
    .js
  • $R5/components/ConduitAutoCompleteSearch.xpt
  • $R5/components/ConduitToolbar.idl
  • $R5/components/ConduitToolbar.js
    .js
  • $R5/components/ConduitToolbar.xpt
  • $R5/components/FFExternalAlert.dll
    .dll windows:5 windows x86 arch:x86

    3223d50e0400d555fa5614bff18da5cf


    Headers

    Imports

    Exports

    Sections

  • $R5/components/FFExternalAlert.xpt
  • $R5/components/RadioWMPCore.dll
    .dll windows:5 windows x86 arch:x86

    a50dc75f0f339366da4f56137bf8807f


    Headers

    Imports

    Exports

    Sections

  • $R5/components/RadioWMPCore.xpt
  • $R5/defaults/default_radio_skin.xml
    .xml
  • $R5/defaults/fbAlert.js
    .html .js polyglot
  • $R5/install.rdf
    .xml
  • $R5/lib/xpcom.js
    .js
  • $R5/searchplugin/conduit.PNG
    .png
  • $R5/searchplugin/conduit.gif
    .gif
  • $R5/searchplugin/conduit.ico
  • $R5/searchplugin/conduit.src
  • $R5/searchplugin/conduit.xml
  • $R5/version.txt
  • $TEMP/Toolbar.exe
    .exe windows:4 windows x86 arch:x86

    81638d02019c0bfcaaf23a9c69f2f12c


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/captura.bmp