General

  • Target

    2420c5ca974624ab51e5849c6b749d14_JaffaCakes118

  • Size

    116KB

  • MD5

    2420c5ca974624ab51e5849c6b749d14

  • SHA1

    41b159bbcbd6c1fb2a1218025ce059c81f3d9a51

  • SHA256

    40d4bc677804c8b7cbd4f13942682658546aee56746fecbd59e5eeef7da46c5f

  • SHA512

    5a22a7cbec6aad34c3e3fbda3ab4f3484d2d1f6039c4c41aca3f4351a849260965f5c29f26ab26acd0211d55a77ced4439d013dbaf8eb37c46d157c2a619f333

  • SSDEEP

    3072:INhR6b5yBSW45oXLqJXRiLdDnqTTs1MgWZvTGHSgc:ITCyxBXuJXRi5ne4anTGHbc

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 2420c5ca974624ab51e5849c6b749d14_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    e42c0ba5350d48c9fb666ff52855f8ec



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    222ba14d7b8ae575c32dd0b8b77a5dea



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • Languages/French.dll
    .dll windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86



  • Languages/IP_french.lng
  • htmlfr/frame.html
    .html
  • htmlfr/slideshow.html
    .html .js polyglot
  • htmlfr/thumbnails.html
    .html
  • i_changes_fr_4.28.txt
  • uninst.exe
    .exe windows:5 windows x86 arch:x86

    e42c0ba5350d48c9fb666ff52855f8ec

