Overview

overview

7

Static

static

7

xion_v1.0b127.exe

windows7-x64

7

xion_v1.0b127.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...es.dll

windows7-x64

7

$PLUGINSDI...es.dll

windows10-2004-x64

7

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...or.dll

windows7-x64

7

$PLUGINSDI...or.dll

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

OptimFROG.dll

windows7-x64

1

OptimFROG.dll

windows10-2004-x64

7

Plugins/BA...ac.dll

windows7-x64

1

Plugins/BA...ac.dll

windows10-2004-x64

1

Plugins/BA...c3.dll

windows7-x64

1

Plugins/BA...c3.dll

windows10-2004-x64

1

Plugins/BA...dx.dll

windows7-x64

7

Plugins/BA...dx.dll

windows10-2004-x64

7

Plugins/BA...ix.dll

windows7-x64

7

Plugins/BA...ix.dll

windows10-2004-x64

7

Plugins/BA...ac.dll

windows7-x64

1

Plugins/BA...ac.dll

windows10-2004-x64

1

Plugins/BA...pe.dll

windows7-x64

1

Plugins/BA...pe.dll

windows10-2004-x64

1

Plugins/BA...cd.dll

windows7-x64

1

Plugins/BA...cd.dll

windows10-2004-x64

1

Plugins/BA...ac.dll

windows7-x64

1

Plugins/BA...ac.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    2ff7dc01ef6b398d178820df73ecbb7d_JaffaCakes118

  • Size

    2.6MB

  • MD5

    2ff7dc01ef6b398d178820df73ecbb7d

  • SHA1

    b9732cec2943fd11c42e0a343d799f7420af0147

  • SHA256

    bb0fad5a6061fcf1b67ab1235936e54049ad491e49e3de1faac3514b67a007b9

  • SHA512

    64f54bad2b64ef09dbb11c11d9166194227a7ec518850756399895476f23a8915090151c3bc5fada0890993521760a2f2f0177dd05bba3a537dde4f2763e4328

  • SSDEEP

    49152:Gr5CtEftPfWR4Yqoo+6H3c5WChiOXtimOsyi7yTMUArLJUV2HefKs/E1JpBHwHBU:05d5uR4VoQr2iIXOsyi7eMUArh/16hU

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 10 IoCs

    Detects file using ACProtect software.

  • UPX packed file 10 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 34 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 2ff7dc01ef6b398d178820df73ecbb7d_JaffaCakes118
    .rar
  • xion_v1.0b127.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Processes.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UACElevator.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    afa8e526425f3585465337467d0b5909


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • Equalizer Presets/Accoustic.xep
  • Equalizer Presets/Bass Booster.xep
  • Equalizer Presets/Bass Reducer.xep
  • Equalizer Presets/Boost.xep
  • Equalizer Presets/Classical.xep
  • Equalizer Presets/Dance.xep
  • Equalizer Presets/Deep.xep
  • Equalizer Presets/Electronic.xep
  • Equalizer Presets/Flat.xep
  • Equalizer Presets/Hip-Hop.xep
  • Equalizer Presets/Jazz.xep
  • Equalizer Presets/Latin.xep
  • Equalizer Presets/Loudness.xep
  • Equalizer Presets/Lounge.xep
  • Equalizer Presets/Manual.xep
  • Equalizer Presets/Piano.xep
  • Equalizer Presets/Pop.xep
  • Equalizer Presets/R&B.xep
  • Equalizer Presets/Rock.xep
  • Equalizer Presets/Small Speakers.xep
  • Equalizer Presets/Spoken Word.xep
  • Equalizer Presets/Treble Booster.xep
  • Equalizer Presets/Treble Reducer.xep
  • Equalizer Presets/Vocal Booster.xep
  • Image Layer Names.txt
  • Interfaces/Default.zip
    .zip
  • Bar.psd
  • Main.psd
  • Playlist.psd
  • Interfaces/Previews/Default.zip.xtn
    .zip
  • XTN
  • Interfaces/Previews/Default.zip_Bar.psd.xtn
    .zip
  • XTN
  • Interfaces/Previews/Default.zip_Main.psd.xtn
    .zip
  • XTN
  • Interfaces/Previews/Default.zip_Playlist.psd.xtn
    .zip
  • XTN
  • Interfaces/SkinsHaveMoved-Readme.txt
  • OptimFROG.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_aac.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_ac3.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_adx.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_aix.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_alac.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_ape.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_cd.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_flac.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_midi.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_mpc.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_ofr.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_spx.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_tta.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_wma.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/BASS/bass_wv.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/DefaultInterface.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/DefaultLibrary.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/DefaultPlaylist.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Plugins/DefaultVisualisation.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Settings.dat
  • Stations/.977 The 80s Channel.pls
  • Stations/.977 The 90s Channel.pls
  • Stations/.977 The Alternative Channel.pls
  • Stations/.977 The Classic Rock Channel.pls
  • Stations/.977 The Hard Rock Channel.pls
  • Stations/.977 The Hitz Channel.pls
  • Stations/.977 The Jamz Channel.pls
  • Stations/1.FM - 50s and 60s.pls
  • Stations/1.FM - 80s Channel.pls
  • Stations/1.FM - 90s Channel.pls
  • Stations/1.FM - Bay Smooth Jazz.pls
  • Stations/1.FM - Blues.pls
  • Stations/1.FM - Bombay Beats.pls
  • Stations/1.FM - Channel X.pls
  • Stations/1.FM - Club!.pls
  • Stations/1.FM - Country.pls
  • Stations/1.FM - Dance Hits.pls
  • Stations/1.FM - High Voltage.pls
  • Stations/1.FM - Jamz.pls
  • Stations/1.FM - Otto's Baroque Musick.pls
  • Stations/1.FM - Otto's Classical Musick.pls
  • Stations/1.FM - Otto's Opera House.pls
  • Stations/1.FM - ReggaeTrade.pls
  • Stations/1.FM - The Chillout Lounge.pls
  • Stations/1.FM - Top 40.pls
  • Stations/1.FM - Trance.pls
  • Stations/1.FM - Urban Gospel.pls
  • Stations/S K Y . F M - Absolutely Smooth Jazz.pls
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • Xion.exe
    .exe windows:5 windows x86 arch:x86

    19510da9f24d4e259497e86de101ef76


    Headers

    Imports

    Sections

  • Xion.mp3
  • XionTags.dll
    .dll windows:5 windows x86 arch:x86


    Headers

    Exports

    Sections

  • bass.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • bass_fx.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 新云软件.url
    .url