Overview

overview

7

Static

static

7

2f6a6df22d...18.exe

windows7-x64

3

2f6a6df22d...18.exe

windows10-2004-x64

3

$PLUGINSDI...er.exe

windows7-x64

7

$PLUGINSDI...er.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...TB.exe

windows7-x64

7

$PLUGINSDI...TB.exe

windows10-2004-x64

7

$PLUGINSDI...es.dll

windows7-x64

3

$PLUGINSDI...es.dll

windows10-2004-x64

3

$PLUGINSDI...ry.dll

windows7-x64

3

$PLUGINSDI...ry.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

QtCore4.dll

windows7-x64

3

QtCore4.dll

windows10-2004-x64

3

QtGui4.dll

windows7-x64

1

QtGui4.dll

windows10-2004-x64

1

QtNetwork4.dll

windows7-x64

3

QtNetwork4.dll

windows10-2004-x64

3

QtWebKit4.dll

windows7-x64

1

QtWebKit4.dll

windows10-2004-x64

1

QtXml4.dll

windows7-x64

3

QtXml4.dll

windows10-2004-x64

3

imageforma...f4.dll

windows7-x64

1

imageforma...f4.dll

windows10-2004-x64

1

imageforma...g4.dll

windows7-x64

1

imageforma...g4.dll

windows10-2004-x64

1

libgcc_s_dw2-1.dll

windows7-x64

3

libgcc_s_dw2-1.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2f6a6df22da7eec5494b99dafa123b4e_JaffaCakes118

  • Size

    24.9MB

  • MD5

    2f6a6df22da7eec5494b99dafa123b4e

  • SHA1

    8ea96e0a8213013de72a042529267548e98c2d8e

  • SHA256

    eeea4deb3efd02a31f20821956bd4b9243c11771ee24966f2ba21ea62431154e

  • SHA512

    5d26d75d852c24c78cf1388eacf2be4544b26be2f1070c26593815300368b3c0e58a4115974e107d3d2adc29297086a572086b022204534a657a68e19a88b3bc

  • SSDEEP

    393216:1OZ7nKiovkWcoNFfSu960biBju9E5HXK8/IKqH1c39gHSD38ZEJFrJK0xe0i51bF:1OMLFP960Yjz0KqVc+ylJFrJRxe0adD

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 25 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 2f6a6df22da7eec5494b99dafa123b4e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/BoxoreInstaller.exe
    .exe windows:5 windows x86 arch:x86

    fa153acc245845f8f3c06221bbfcc7a9


    Headers

    Imports

    Sections

  • $PLUGINSDIR/Confirm.ini
  • $PLUGINSDIR/Finish.ini
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/MyBabylonTB.exe
    .exe windows:5 windows x86 arch:x86

    616f8a11d0ee76db2bc674f8299827e4


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Processes.dll
    .dll windows:4 windows x86 arch:x86

    f5edecae12589e705677a6e272ad0394


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Registry.dll
    .dll windows:4 windows x86 arch:x86

    421a02aae559045e04759aae146087eb


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/btmimg.bmp
  • $PLUGINSDIR/header.bmp
  • $PLUGINSDIR/leftimg.bmp
  • $PLUGINSDIR/linker.dll
    .dll windows:5 windows x86 arch:x86

    667399df17d9f466b635896e86bdf6dd


    Headers

    Imports

    Exports

    Sections

  • QtCore4.dll
    .dll windows:4 windows x86 arch:x86

    94c351fec6774cdd0047705e610f26f7


    Headers

    Imports

    Exports

    Sections

  • QtGui4.dll
    .dll windows:4 windows x86 arch:x86

    b3eff5e1032634b98df31e356ba300b2


    Headers

    Imports

    Exports

    Sections

  • QtNetwork4.dll
    .dll windows:4 windows x86 arch:x86

    5aef20039a2df19eaf894dc8c96dd81a


    Headers

    Imports

    Exports

    Sections

  • QtWebKit4.dll
    .dll windows:4 windows x86 arch:x86

    fca076cba64a23620872c90894825edc


    Headers

    Imports

    Exports

    Sections

  • QtXml4.dll
    .dll windows:4 windows x86 arch:x86

    1769dfac15ec32b61e85dcd4e8ce9264


    Headers

    Imports

    Exports

    Sections

  • imageformats/qgif4.dll
    .dll windows:4 windows x86 arch:x86

    44acf6c42037ed6f57ab2984fbda4b99


    Headers

    Imports

    Exports

    Sections

  • imageformats/qjpeg4.dll
    .dll windows:4 windows x86 arch:x86

    e79559b8f9d5bcaf3316ef26b4c6ff28


    Headers

    Imports

    Exports

    Sections

  • libgcc_s_dw2-1.dll
    .dll windows:4 windows x86 arch:x86

    22de106f971ff0449d33ea6ca7f9dcba


    Headers

    Imports

    Exports

    Sections

  • libstdc++-6.dll
    .dll windows:4 windows x86 arch:x86

    26f85c8656ffc068f834e1ad8f115f06


    Headers

    Imports

    Exports

    Sections

  • mingwm10.dll
    .dll windows:4 windows x86 arch:x86

    03e7672c8b423d2d726a1731f8c39711


    Headers

    Imports

    Exports

    Sections

  • mplayer/LICENSE.txt
  • mplayer/README.txt
  • mplayer/fonts/fonts.conf
    .xml
  • mplayer/fonts/fonts.dtd
  • mplayer/mplayer.exe
    .exe windows:4 windows x86 arch:x86

    0866aba57609c4aab7106dcde80f971c


    Headers

    Imports

    Sections

  • mplayer/mplayer.html
  • mplayer/mplayer/codecs.conf
  • mplayer/mplayer/config
  • mplayer/mplayer/extreme.ico
  • mplayer/mplayer/input.conf
  • mplayer/mplayer/mplayer.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mplayer/mplayer/sample.avi
  • mplayer/mplayer/subfont.ttf
  • mplayer/sample.avi
  • mplayer/subfont.ttf
  • phonon4.dll
    .dll windows:4 windows x86 arch:x86

    01a213cc92afc25637d3915d78a7331e


    Headers

    Imports

    Exports

    Sections

  • playerplus.exe
    .exe windows:4 windows x86 arch:x86

    1f2b1acf65c46a85dd863660255da09d


    Headers

    Imports

    Sections

  • playerplus.ico
  • radio.m3u8
  • shortcuts/default.keys
  • shortcuts/sda.keys
  • styles.ass
  • themes/Modern/bg-mediabar.png
    .png
  • themes/Modern/bg-menu.png
    .png
  • themes/Modern/bg-panel-left.png
    .png
  • themes/Modern/bg-panel-right.png
    .png
  • themes/Modern/bg-panel.png
    .png
  • themes/Modern/bg-search-box-left.png
    .png
  • themes/Modern/bg-search-box-right.png
    .png
  • themes/Modern/bg-search-box.png
    .png
  • themes/Modern/bg-seekbar-buffering.png
    .png
  • themes/Modern/bg-seekbar-left.png
    .png
  • themes/Modern/bg-seekbar-progress.png
    .png
  • themes/Modern/bg-seekbar-right.png
    .png
  • themes/Modern/bg-seekbar.png
    .png
  • themes/Modern/bg-toolbar.png
    .png
  • themes/Modern/bg-volumebar-progress.png
    .png
  • themes/Modern/bg-volumebar.png
    .png
  • themes/Modern/button-equalizer.png
    .png
  • themes/Modern/button-fastforward.png
    .png
  • themes/Modern/button-fullscreen.png
    .png
  • themes/Modern/button-max-volume.png
    .png
  • themes/Modern/button-min-volume.png
    .png
  • themes/Modern/button-next.png
    .png
  • themes/Modern/button-play-pause.png
    .png
  • themes/Modern/button-playlist.png
    .png
  • themes/Modern/button-previous.png
    .png
  • themes/Modern/button-record.png
    .png
  • themes/Modern/button-repeat.png
    .png
  • themes/Modern/button-rewind.png
    .png
  • themes/Modern/button-seek-knob.png
    .png
  • themes/Modern/button-shuffle.png
    .png
  • themes/Modern/button-stop.png
    .png
  • themes/Modern/button-toolbar.png
    .png
  • themes/Modern/button-volume-knob.png
    .png
  • themes/Modern/main.css
  • themes/Modern/search-arrow.png
    .png
  • themes/Modern/search-icon.png
    .png
  • themes/Modern/search-shoutcast.png
    .png
  • themes/Modern/search-youtube.png
    .png
  • translations/umplayer_ar_SY.qm
  • translations/umplayer_bg.qm
  • translations/umplayer_ca.qm
  • translations/umplayer_cs.qm
  • translations/umplayer_de.qm
  • translations/umplayer_el_GR.qm
  • translations/umplayer_en_US.qm
  • translations/umplayer_es.qm
  • translations/umplayer_et.qm
  • translations/umplayer_eu.qm
  • translations/umplayer_fi.qm
  • translations/umplayer_fr.qm
  • translations/umplayer_gl.qm
  • translations/umplayer_hu.qm
  • translations/umplayer_it.qm
  • translations/umplayer_ja.qm
  • translations/umplayer_ka.qm
  • translations/umplayer_ko.qm
  • translations/umplayer_ku.qm
  • translations/umplayer_mk.qm
  • translations/umplayer_nl.qm
  • translations/umplayer_pl.qm
  • translations/umplayer_pt.qm
  • translations/umplayer_pt_BR.qm
  • translations/umplayer_ro_RO.qm
  • translations/umplayer_ru_RU.qm
  • translations/umplayer_sk.qm
  • translations/umplayer_sl_SI.qm
  • translations/umplayer_sr.qm
  • translations/umplayer_sv.qm
  • translations/umplayer_tr.qm
  • translations/umplayer_uk_UA.qm
  • translations/umplayer_vi_VN.qm
  • translations/umplayer_zh_CN.qm
  • translations/umplayer_zh_TW.qm
  • tv.m3u8
  • umplayer.ini
  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/Confirm.ini
  • $PLUGINSDIR/Finish.ini
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Processes.dll
    .dll windows:4 windows x86 arch:x86

    f5edecae12589e705677a6e272ad0394


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/btmimg.bmp
  • $PLUGINSDIR/header.bmp
  • $PLUGINSDIR/leftimg.bmp