General

  • Target

    183189d23ead1f12502d3093313d22ba_JaffaCakes118

  • Size

    4.5MB

  • MD5

    183189d23ead1f12502d3093313d22ba

  • SHA1

    722d3bcc647a8f1d1de541af91346478b3bc8201

  • SHA256

    dfde0e0a9d00159f9d33255e9075c2fa4ce544768fd794094e1fec9c46043459

  • SHA512

    57393975b2b90b15422f2adce0448ae038c53baaeaced3655af141ae0c321b80ad737d4a449ea221408c6365a1cd0e62e63b4ff8d613ace0dc9a6df102847d68

  • SSDEEP

    98304:eO3v9iWPUVffJx4WczaTROwuGDOkm5XmHx1iSxjjcXmyLPBhyzm:eO3FUvx4PzONJfm5XmR1bjjcXmmP5

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 66 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • 183189d23ead1f12502d3093313d22ba_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • Langpack_russian.txt
  • autoexec_noskin.ini
  • autoexec_skin.ini
  • dbtool.exe
    .exe windows:4 windows x86 arch:x86

    c8242a79af5bbbed0e8d6830ae4748c7


    Headers

    Imports

    Sections

  • dictionaries/ru_RU_yo.aff
  • dictionaries/ru_RU_yo.cdic
  • dictionaries/ru_RU_yo.dic
  • icons/SecureIM_icons.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/fingerprint/fp_ICQ.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/fingerprint/fp_Jabber.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/fingerprint/fp_Weather.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/fingerprint/fp_packs.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/flags.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/historypp_icons.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/jabber_xstatus.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • icons/menu/Action_Folder_Search.ico
  • icons/menu/App 25.ico
  • icons/menu/App_Book.ico
  • icons/menu/App_PopUp_Alert.ico
  • icons/menu/Net 27.ico
  • icons/menu/Os_Log_User.ico
  • icons/menu/Thing_Note.ico
  • icons/menu/Window_Checks.ico
  • icons/menu/delete.ico
  • icons/menu/ice/clist_modern 003.ico
  • icons/menu/ice/dbeditorpp 010.ico
  • icons/menu/ice/dbeditorpp 011.ico
  • icons/menu/ice/dbeditorpp 012.ico
  • icons/menu/ice/dbeditorpp 013.ico
  • icons/menu/ice/dbeditorpp 014.ico
  • icons/menu/ice/dbeditorpp 015.ico
  • icons/menu/ice/dbeditorpp 017.ico
  • icons/menu/ice/icq 013.ico
  • icons/menu/ice/icq 014.ico
  • icons/menu/ice/icq 015.ico
  • icons/menu/ice/icq 018.ico
  • icons/menu/ice/miranda32 027.ico
  • icons/menu/ice/miranda32 028.ico
  • icons/menu/prefs.ico
  • icons/menu/recent_message.ico
  • icons/menu/rename.ico
  • icons/menu/running plugin/Action_Play.ico
  • icons/menu/running plugin/Message_X_Red.ico
  • icons/menu/sweepsystemhistory.ico
  • icons/menu/updates.ico
  • icons/menu/ver_info.ico
  • icons/proto_icq.dll
    .dll windows:4 windows x86 arch:x86

    fb80b577eec61d576561a1fb3cd53b9d


    Headers

    Imports

    Sections

  • icons/proto_jabber.dll
    .dll windows:4 windows x86 arch:x86

    8483c3242e28ec118ca202ca30d1b1a4


    Headers

    Imports

    Sections

  • icons/proto_weather.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/qipstatus_icons.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • icons/tabsrmm_icons.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/tzers_icons.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • icons/xpk_main.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/xpk_tabsrmm_icons.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • icons/xpk_ttb/Groups On_Off_DN.ico
  • icons/xpk_ttb/Groups On_Off_UP.ico
  • icons/xpk_ttb/Minimize Button_DN.ico
  • icons/xpk_ttb/Minimize Button_UP.ico
  • icons/xpk_ttb/Quick_Search_UP.ico
  • icons/xpk_ttb/Show Options Page_DN.ico
  • icons/xpk_ttb/Show Options Page_UP.ico
  • icons/xpk_ttb/Show only Online Users_DN.ico
  • icons/xpk_ttb/Show only Online Users_UP.ico
  • icons/xpk_ttb/Sounds Enable_Disable_DN.ico
  • icons/xpk_ttb/Sounds Enable_Disable_UP.ico
  • icons/xstatus_icons.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • license.html
    .html
  • miranda32.exe
    .exe windows:4 windows x86 arch:x86

    bb6ccb7064088f5b0dad9f775f65ea32


    Headers

    Imports

    Sections

  • mirandaboot.ini
  • pcre3.dll
    .dll windows:4 windows x86 arch:x86

    f867eaba1f47d94594c5bf1041b8c10b


    Headers

    Imports

    Exports

    Sections

  • plugins/AdvSplashScreen.dll
    .dll windows:4 windows x86 arch:x86

    6b71e7cd19a6b792d5c59abce905134d


    Headers

    Imports

    Exports

    Sections

  • plugins/BuddyExpectator.dll
    .dll windows:4 windows x86 arch:x86

    9532e787205438e90aa5ecd522d203a1


    Headers

    Imports

    Exports

    Sections

  • plugins/ChangeKeyboardLayout.dll
    .dll windows:4 windows x86 arch:x86

    98137a3247c45054123d9a653eca0c42


    Headers

    Imports

    Exports

    Sections

  • plugins/ClientChangeNotifyW.dll
    .dll windows:4 windows x86 arch:x86

    48acb8e641f2ffdc9847eb81ee6593e6


    Headers

    Imports

    Exports

    Sections

  • plugins/Fingerprint.dll
    .dll windows:4 windows x86 arch:x86

    bdd99722405119c6a8c777d1a32de3fd


    Headers

    Imports

    Exports

    Sections

  • plugins/KeepStatus.dll
    .dll windows:4 windows x86 arch:x86

    94d35869460d0fd476a092a5ebd4e3ab


    Headers

    Imports

    Exports

    Sections

  • plugins/MenuEx.dll
    .dll windows:4 windows x86 arch:x86

    c9b38bb04c3b9cd8093e0a68efcc6f3c


    Headers

    Imports

    Exports

    Sections

  • plugins/NewXstatusNotifyW.dll
    .dll windows:4 windows x86 arch:x86

    df4bc845c3b5002baaa9fee3c6dac1b9


    Headers

    Imports

    Exports

    Sections

  • plugins/PopUp.dll
    .dll windows:4 windows x86 arch:x86

    41986eb835ff79f02978a4d2ace3ae44


    Headers

    Imports

    Exports

    Sections

  • plugins/PopUp/tZEskin/back.png
    .png
  • plugins/PopUp/tZEskin/bottom.png
    .png
  • plugins/PopUp/tZEskin/bottom_left.png
    .png
  • plugins/PopUp/tZEskin/bottom_right.png
    .png
  • plugins/PopUp/tZEskin/clock.png
    .png
  • plugins/PopUp/tZEskin/left.png
    .png
  • plugins/PopUp/tZEskin/mono.popupskin
  • plugins/PopUp/tZEskin/popupskin.config
  • plugins/PopUp/tZEskin/right.png
    .png
  • plugins/PopUp/tZEskin/title_cb.png
    .png
  • plugins/PopUp/tZEskin/title_cc.png
    .png
  • plugins/PopUp/tZEskin/title_ct.png
    .png
  • plugins/PopUp/tZEskin/title_lb.png
    .png
  • plugins/PopUp/tZEskin/title_lc.png
    .png
  • plugins/PopUp/tZEskin/title_lt.png
    .png
  • plugins/PopUp/tZEskin/title_rb.png
    .png
  • plugins/PopUp/tZEskin/title_rc.png
    .png
  • plugins/PopUp/tZEskin/title_rt.png
    .png
  • plugins/SecureIM.dll
    .dll windows:4 windows x86 arch:x86

    9c2457baba255b4396a4820ed28f2613


    Headers

    Imports

    Exports

    Sections

  • plugins/StartupStatus.dll
    .dll windows:4 windows x86 arch:x86

    2d51c937c75c444b01fca42c281f5a11


    Headers

    Imports

    Exports

    Sections

  • plugins/Variables.dll
    .dll windows:4 windows x86 arch:x86

    a3538ea551d0bef1dc1d8c0419e3d90a


    Headers

    Imports

    Exports

    Sections

  • plugins/WhenWasIt.dll
    .dll windows:4 windows x86 arch:x86

    c16b51852ad737e1b611f4ca62c23871


    Headers

    Imports

    Exports

    Sections

  • plugins/WhoIsReadingMyStatusMsg.dll
    .dll windows:4 windows x86 arch:x86

    c9ed44fa7844ec77c487ab5e4a352221


    Headers

    Imports

    Exports

    Sections

  • plugins/ZeroUpdate.dll
    .dll windows:4 windows x86 arch:x86

    2ca3ef8a4c963449b738075179293948


    Headers

    Imports

    Exports

    Sections

  • plugins/advaimg.dll
    .dll windows:4 windows x86 arch:x86

    a95d3567811c02adee15da31ee0a2fbc


    Headers

    Imports

    Exports

    Sections

  • plugins/authstate.dll
    .dll windows:5 windows x86 arch:x86

    bd91d24d5555a5d0e4396ed34d390220


    Headers

    Imports

    Exports

    Sections

  • plugins/avs.dll
    .dll windows:4 windows x86 arch:x86

    b94ace722660a8e0cf1117a7fc7ef1b1


    Headers

    Imports

    Exports

    Sections

  • plugins/clist_modern.dll
    .dll windows:4 windows x86 arch:x86

    43c19f11b67e844d02f4dde2fdb31b3d


    Headers

    Imports

    Exports

    Sections

  • plugins/crashrpt.dll
    .dll windows:4 windows x86 arch:x86

    e14f51bc0558a5f2bf057e9c378b16c6


    Headers

    Imports

    Exports

    Sections

  • plugins/cryptopp.dll
    .dll windows:4 windows x86 arch:x86

    3fc61349f003e4945cf020dad5005daf


    Headers

    Imports

    Exports

    Sections

  • plugins/dbx_mmap.dll
    .dll windows:4 windows x86 arch:x86

    dafa56e4fa1c83490e4605707f2c7905


    Headers

    Imports

    Exports

    Sections

  • plugins/historypp.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • plugins/icq.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • plugins/import.dll
    .dll windows:4 windows x86 arch:x86

    71d7bff7d639a60257068bc0916a34e5


    Headers

    Imports

    Exports

    Sections

  • plugins/importtxt.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • plugins/importtxt/ICQ5_p.ini
  • plugins/importtxt/ICQ6_p.ini
  • plugins/importtxt/MAgent_p.ini
  • plugins/importtxt/QHF_p.ini
  • plugins/importtxt/SEmidprms_p.ini
  • plugins/importtxt/bayanICQ_p.ini
  • plugins/importtxt/dichat_p.ini
  • plugins/importtxt/historypp_p.ini
  • plugins/importtxt/jimm_p.cfg
  • plugins/importtxt/jimm_p.ini
  • plugins/importtxt/jimmws_p.cfg
  • plugins/importtxt/jimmws_p.ini
  • plugins/importtxt/mContact_p.ini
  • plugins/importtxt/msgexport_p.ini
  • plugins/importtxt/nokmidprms_p.ini
  • plugins/importtxt/pigeon_p.ini
  • plugins/importtxt/qip_p.cfg
  • plugins/importtxt/qip_p.ini
  • plugins/importtxt/smaper_p.cfg
  • plugins/importtxt/smaper_p.ini
  • plugins/importtxt/smapern_p.ini
  • plugins/jabber.dll
    .dll windows:4 windows x86 arch:x86

    dc84f5b70d28dd0f3ce414a99855faac


    Headers

    Imports

    Exports

    Sections

  • plugins/look-in.dll
    .dll windows:4 windows x86 arch:x86

    7618d25981f0a0bc12c79810efa756aa


    Headers

    Imports

    Exports

    Sections

  • plugins/modernopt.dll
    .dll windows:4 windows x86 arch:x86

    5ad570a57a217c6a1761e9d38d71aa6a


    Headers

    Imports

    Exports

    Sections

  • plugins/msg_export.dll
    .dll windows:4 windows x86 arch:x86

    2595f92ee6793b1f5da47b435ffa9959


    Headers

    Imports

    Exports

    Sections

  • plugins/mydetails.dll
    .dll windows:4 windows x86 arch:x86

    ff448ef6c94f4d87e790093c4ef5aa0a


    Headers

    Imports

    Exports

    Sections

  • plugins/shlext.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    65a7961b502a554a48787226e2d15490


    Headers

    Imports

    Exports

    Sections

  • plugins/smileyaddw.dll
    .dll windows:4 windows x86 arch:x86

    48ee77b8b9dce4076743a0eb1553ff33


    Headers

    Imports

    Exports

    Sections

  • plugins/spellcheckerW.dll
    .dll windows:4 windows x86 arch:x86

    43f8fc3d7d9bf2f3b00747b915458feb


    Headers

    Imports

    Exports

    Sections

  • plugins/splash.ini
  • plugins/svc_dbepp.dll
    .dll windows:4 windows x86 arch:x86

    c8c50a085e1a32a48c0fb9cbbf7f75e2


    Headers

    Imports

    Exports

    Sections

  • plugins/svc_vi.dll
    .dll windows:4 windows x86 arch:x86

    36c395bfa25ae818a7c0dfeb1f7d083e


    Headers

    Imports

    Exports

    Sections

  • plugins/tabsrmm.dll
    .dll windows:4 windows x86 arch:x86

    f95a9dc4c75159d08a9af3c518ad36dd


    Headers

    Imports

    Exports

    Sections

  • plugins/tipper.dll
    .dll windows:4 windows x86 arch:x86

    b488a8cc1712eee7a4942e6f31f5b176


    Headers

    Imports

    Exports

    Sections

  • plugins/weather.dll
    .dll windows:4 windows x86 arch:x86

    f4f4a6fed6ceff43f32bc7e4c82ceb8a


    Headers

    Imports

    Exports

    Sections

  • plugins/weather/yweather.ini
  • plugins/zeroUpdate.ini
  • readme.txt
  • skins/smiles/KOLOBOK.asl
  • skins/smiles/acute.gif
    .gif
  • skins/smiles/aggressive.gif
    .gif
  • skins/smiles/air_kiss.gif
    .gif
  • skins/smiles/angel.gif
    .gif
  • skins/smiles/bad.gif
    .gif
  • skins/smiles/beee.gif
    .gif
  • skins/smiles/biggrin.gif
    .gif
  • skins/smiles/blum3.gif
    .gif
  • skins/smiles/blush2.gif
    .gif
  • skins/smiles/bomb.gif
    .gif
  • skins/smiles/boredom.gif
    .gif
  • skins/smiles/bye.gif
    .gif
  • skins/smiles/clapping.gif
    .gif
  • skins/smiles/cray.gif
    .gif
  • skins/smiles/crazy.gif
    .gif
  • skins/smiles/dance4.gif
    .gif
  • skins/smiles/dash1.gif
    .gif
  • skins/smiles/diablo.gif
    .gif
  • skins/smiles/dirol.gif
    .gif
  • skins/smiles/dntknw.gif
    .gif
  • skins/smiles/drinks.gif
    .gif
  • skins/smiles/fool.gif
    .gif
  • skins/smiles/give_rose.gif
    .gif
  • skins/smiles/good.gif
    .gif
  • skins/smiles/help.gif
    .gif
  • skins/smiles/i-m_so_happy.gif
    .gif
  • skins/smiles/kiss.gif
    .gif
  • skins/smiles/kiss_3.gif
    .gif
  • skins/smiles/lol.gif
    .gif
  • skins/smiles/mail1.gif
    .gif
  • skins/smiles/mamba.gif
    .gif
  • skins/smiles/man_in_love.gif
    .gif
  • skins/smiles/mosking.gif
    .gif
  • skins/smiles/music2.gif
    .gif
  • skins/smiles/nea.gif
    .gif
  • skins/smiles/new_russian.gif
    .gif
  • skins/smiles/ok.gif
    .gif
  • skins/smiles/pardon.gif
    .gif
  • skins/smiles/pleasantry.gif
    .gif
  • skins/smiles/preved.gif
    .gif
  • skins/smiles/rofl.gif
    .gif
  • skins/smiles/sad.gif
    .gif
  • skins/smiles/scratch_one-s_head.gif
    .gif
  • skins/smiles/secret.gif
    .gif
  • skins/smiles/shok.gif
    .gif
  • skins/smiles/smile.gif
    .gif
  • skins/smiles/sorry.gif
    .gif
  • skins/smiles/stop.gif
    .gif
  • skins/smiles/wacko.gif
    .gif
  • skins/smiles/wink.gif
    .gif
  • skins/smiles/yahoo.gif
    .gif
  • skins/smiles/yes3.gif
    .gif
  • skins/splash/splash.png
    .png
  • skins/tZEskin1.1/Images/Contact.png
    .png
  • skins/tZEskin1.1/Images/Dn.png
    .png
  • skins/tZEskin1.1/Images/Up.png
    .png
  • skins/tZEskin1.1/Images/back.png
    .png
  • skins/tZEskin1.1/Images/contact_over.png
    .png
  • skins/tZEskin1.1/Images/group.png
    .png
  • skins/tZEskin1.1/Images/light_Back.png
    .png
  • skins/tZEskin1.1/Images/oddContact.png
    .png
  • skins/tZEskin1.1/Images/open_group.png
    .png
  • skins/tZEskin1.1/Images/scrollThumb.png
    .png
  • skins/tZEskin1.1/tZEskin_avatar_dark.msf
    .ps1
  • skins/tZEskin1.1/tZEskin_avatar_light.msf
    .ps1
  • skins/tipper/tzeskin/back.png
    .png
  • skins/tipper/tzeskin/classic.tsf
  • sounds/sndGlobal.wav
  • sounds/sndMsg.wav
  • sounds/sndMsgSent.wav
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • user_data/dark83.dat
  • user_data/light83.dat
  • user_data/tabSRMM/skins/Zel_tabSRMM.tsk
  • user_data/tabSRMM/skins/Zel_theme.tabsrmm
  • user_data/tabSRMM/skins/backs.png
    .png
  • user_data/tabSRMM/skins/button.png
    .png
  • user_data/tabSRMM/skins/button_pressed.png
    .png
  • user_data/tabSRMM/skins/close.ico
  • user_data/tabSRMM/skins/input.png
    .png
  • user_data/tabSRMM/skins/maximize.ico
  • user_data/tabSRMM/skins/minimize.ico
  • user_data/tabSRMM/skins/tab.png
    .png
  • user_data/tabSRMM/skins/tabbottom.png
    .png
  • user_data/tabSRMM/skins/tabbottom_inactive.png
    .png
  • user_data/tabSRMM/skins/tabinactive.png
    .png
  • user_data/tabSRMM/skins/tabpage.png
    .png
  • zlib.dll
    .dll windows:4 windows x86 arch:x86

    8eae2a42619b4c03a09bc1391e8fe425


    Headers

    Imports

    Exports

    Sections