exec
isdone
wait
General
-
Target
32d847de1262ede398003ed41d7359b2_JaffaCakes118
-
Size
11.4MB
-
MD5
32d847de1262ede398003ed41d7359b2
-
SHA1
4cfe85e9be5910b6b14e6ef858c0edf0bac33428
-
SHA256
c559fb14f20e8dea91e8460eede4e12461f0a87fcf120446f863e7ca1e6edbeb
-
SHA512
c0133f1352710fda8b179d16c112b1e3636b44fc1ddf2da076b69c3bcb5d79dbcbebe7266bba41a4c9c1ba4dac6f6769bd7afe4baaebbc748234b9f1bd36d807
-
SSDEEP
196608:GhpX8PZhIYX2M2vk2gAr254tQEOD3YdPlDkpA3yn3MrN1AN:48XpKpJrO4pOTEPlDk6ycxk
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 54 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 8 IoCs
Files
-
32d847de1262ede398003ed41d7359b2_JaffaCakes118
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
2dfc6a992d004b736e85c64219a88b4a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
b1cd0d78f652ce5fc63f0879371af012
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/iOClean.ini
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$TEMPImg/Installer.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
2dfc6a992d004b736e85c64219a88b4a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$TEMPImg/AskInstallChecker-1.5.0.0.exe
66c8920bc3035d736f66f927d463ca2b
Code Sign
Headers
Imports
Sections
-
$TEMPImg/FVM.exe
81638d02019c0bfcaaf23a9c69f2f12c
Code Sign
Headers
Imports
Sections
-
$TEMPImg/PazeraToolbar.exe
7fa974366048f9c551ef45714595665e
Code Sign
Headers
Imports
Sections
-
$PLUGINSDIR/CABSetup.dll
5070fa13a62547a5beae58004a204cbb
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InetLoad.dll
24a4a671f5cc294ce3543d18a1e873cd
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
57354bdeea3dfae6e948101add87501a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ScrollLicense.dll
674bbf1e72dbf6f2664d8aea288261e0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/UserInfo.dll
48cfa0ea7e353e4a7dd23572da8374ef
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/dca.ini
-
$PLUGINSDIR/frtb_static_files.cab
-
Helper.dll
34a3df05d2cc08ee3da4457ce628c357
Headers
Imports
Exports
Sections
-
ImageConversion.dll
44781c6895de7935eaa213d8ae356e35
Headers
Imports
Exports
Sections
-
RSSReader_plugin.dll
a654a29e2f99af5247506fac6ee4864b
Headers
Imports
Exports
Sections
-
RadioPlugin.dll
8e37a09dc6394fe8978f45de107c05a9
Headers
Imports
Exports
Sections
-
SearchComponent.dll
6299116dafc34c4ef19d19e43b8d6694
Headers
Imports
Exports
Sections
-
Toolbar.dll
be7add6560b15c5bc3f7a0b1f583a08e
Headers
Imports
Exports
Sections
-
TroubleShooter.exe
7e560e1cf79aa015363d94a640ecdbbb
Headers
Imports
Sections
-
aboutTabs.7.js
-
aboutTabs.8.js
-
audio.bmp
-
banner_container.html
-
blockcursor.cur
-
blocksound.wav
-
bookmark_off.bmp
-
bookmark_on.bmp
-
bookmarksplugin.dll
e563b5e0ac42ca459ba9f51cfd361743
Headers
Imports
Exports
Sections
-
bubble_permissions.html
-
build
-
caching_banner.html
-
chevron.bmp
-
component.xsl
-
efolder.bmp
-
email.bmp
-
email2.bmp
-
emailchecker_plugin.dll
12417e76af468159503b8e5ed44b08c9
Headers
Imports
Exports
Sections
-
facebook.feature
-
fbrss.xsl
-
ff.xsl
-
folder.bmp
-
gedit.exe
a795589b34089fa942ee977fd356efd0
Headers
Imports
Sections
-
iefavelem.bmp
-
images/msgbox/down.gif
-
images/msgbox/hr.bmp
-
images/msgbox/mark.png
-
images/msgbox/mark_do.png
-
images/msgbox/mark_na.png
-
images/msgbox/navbg.bmp
-
images/msgbox/refresh.png
-
images/msgbox/refresh_do.png
-
images/msgbox/refresh_na.png
-
images/msgbox/trash.png
-
images/msgbox/trash_do.png
-
images/msgbox/trash_na.png
-
images/msgbox/unmark.png
-
images/msgbox/unmark_do.png
-
images/msgbox/unmark_na.png
-
images/msgbox/up.gif
-
images/ticker/left.gif
-
images/ticker/right.gif
-
images/weather/0.bmp
-
images/weather/1.bmp
-
images/weather/10.bmp
-
images/weather/11.bmp
-
images/weather/12.bmp
-
images/weather/13.bmp
-
images/weather/14.bmp
-
images/weather/15.bmp
-
images/weather/16.bmp
-
images/weather/17.bmp
-
images/weather/18.bmp
-
images/weather/19.bmp
-
images/weather/2.bmp
-
images/weather/20.bmp
-
images/weather/21.bmp
-
images/weather/22.bmp
-
images/weather/23.bmp
-
images/weather/24.bmp
-
images/weather/25.bmp
-
images/weather/26.bmp
-
images/weather/27.bmp
-
images/weather/28.bmp
-
images/weather/29.bmp
-
images/weather/3.bmp
-
images/weather/30.bmp
-
images/weather/31.bmp
-
images/weather/32.bmp
-
images/weather/33.bmp
-
images/weather/34.bmp
-
images/weather/35.bmp
-
images/weather/36.bmp
-
images/weather/37.bmp
-
images/weather/38.bmp
-
images/weather/39.bmp
-
images/weather/4.bmp
-
images/weather/40.bmp
-
images/weather/41.bmp
-
images/weather/42.bmp
-
images/weather/43.bmp
-
images/weather/44.bmp
-
images/weather/45.bmp
-
images/weather/46.bmp
-
images/weather/47.bmp
-
images/weather/5.bmp
-
images/weather/6.bmp
-
images/weather/7.bmp
-
images/weather/8.bmp
-
images/weather/9.bmp
-
images/weather/hr.bmp
-
images/weather/na.bmp
-
images/weather/png/0.png
-
images/weather/png/1.png
-
images/weather/png/10.png
-
images/weather/png/11.png
-
images/weather/png/12.png
-
images/weather/png/13.png
-
images/weather/png/14.png
-
images/weather/png/15.png
-
images/weather/png/16.png
-
images/weather/png/17.png
-
images/weather/png/18.png
-
images/weather/png/19.png
-
images/weather/png/2.png
-
images/weather/png/20.png
-
images/weather/png/21.png
-
images/weather/png/22.png
-
images/weather/png/23.png
-
images/weather/png/24.png
-
images/weather/png/25.png
-
images/weather/png/26.png
-
images/weather/png/27.png
-
images/weather/png/28.png
-
images/weather/png/29.png
-
images/weather/png/3.png
-
images/weather/png/30.png
-
images/weather/png/31.png
-
images/weather/png/32.png
-
images/weather/png/33.png
-
images/weather/png/34.png
-
images/weather/png/35.png
-
images/weather/png/36.png
-
images/weather/png/37.png
-
images/weather/png/38.png
-
images/weather/png/39.png
-
images/weather/png/4.png
-
images/weather/png/40.png
-
images/weather/png/41.png
-
images/weather/png/42.png
-
images/weather/png/43.png
-
images/weather/png/44.png
-
images/weather/png/45.png
-
images/weather/png/46.png
-
images/weather/png/47.png
-
images/weather/png/5.png
-
images/weather/png/6.png
-
images/weather/png/7.png
-
images/weather/png/8.png
-
images/weather/png/9.png
-
images/weather/png/na.png
-
location.xsl
-
magglass.ico
-
manage_bookmarks.html
-
marquee.html
-
marquee_permissions.html
-
messaging.bmp
-
minus.bmp
-
msgbox_bubble.tmpl
-
msgbox_openmsg.tmpl
-
msgboxplugin.dll
f5bf42725c49d4c113e19d01bba98d36
Headers
Imports
Exports
Sections
-
offline.html
-
plus.bmp
-
podcast.bmp
-
podcast.xsl
-
radio.bmp
-
resize.bmp
-
rssfeed.bmp
-
search.xsl
-
skins/radio/gray03/Equalizer1.bmp
-
skins/radio/gray03/Equalizer2.bmp
-
skins/radio/gray03/Equalizer3.bmp
-
skins/radio/gray03/Equalizer4.bmp
-
skins/radio/gray03/Equalizer5.bmp
-
skins/radio/gray03/Equalizer6.bmp
-
skins/radio/gray03/btn_dropdwn_down.bmp
-
skins/radio/gray03/btn_dropdwn_over.bmp
-
skins/radio/gray03/btn_dropdwn_up.bmp
-
skins/radio/gray03/btn_max_down.bmp
-
skins/radio/gray03/btn_max_over.bmp
-
skins/radio/gray03/btn_max_up.bmp
-
skins/radio/gray03/btn_min_down.bmp
-
skins/radio/gray03/btn_min_over.bmp
-
skins/radio/gray03/btn_min_up.bmp
-
skins/radio/gray03/btn_pause_down.bmp
-
skins/radio/gray03/btn_pause_over.bmp
-
skins/radio/gray03/btn_pause_up.bmp
-
skins/radio/gray03/btn_play_down.bmp
-
skins/radio/gray03/btn_play_over.bmp
-
skins/radio/gray03/btn_play_up.bmp
-
skins/radio/gray03/btn_playcntrl_over.bmp
-
skins/radio/gray03/btn_playcntrl_up.bmp
-
skins/radio/gray03/btn_stop_down.bmp
-
skins/radio/gray03/btn_stop_over.bmp
-
skins/radio/gray03/btn_stop_up.bmp
-
skins/radio/gray03/btn_volcntrl_over.bmp
-
skins/radio/gray03/btn_volcntrl_up.bmp
-
skins/radio/gray03/playcntrl_bg.bmp
-
skins/radio/gray03/radio.bmp
-
skins/radio/gray03/radio_mask.bmp
-
skins/radio/gray03/radio_minimalized.bmp
-
skins/radio/gray03/radio_minimalized_mask.bmp
-
skins/radio/gray03/station.bmp
-
skins/radio/gray03/vol_01.bmp
-
skins/radio/gray03/vol_02.bmp
-
skins/radio/gray03/vol_03.bmp
-
skins/radio/gray03/volslide_bg.bmp
-
skins/radio/gray03/volslide_track.bmp
-
star_on.gif
-
update_progress.html
-
version.txt
-
version.xsl
-
weather_bubble.tmpl
-
weatherplugin.dll
36574711ddac880ec666c66830955202
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/gplunger.dll
bb24ab9fddb167f7754f91e378a2b052
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsExec.dll
053c8c5da7b5f6a2513024b82859e1b0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/nsisFirewall.dll
1a4c99175e8891c64634680f4f238d51
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/options.ini
-
$PLUGINSDIR/textreplace.dll
c9b875d3f7604775d782afcb308d92df
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/unicode.dll
05f29a3dc3b7096bfdca7ddbd6b47dd0
Headers
Imports
Exports
Sections
-
ToolbarUpdate.exe
b4785ab5f09590fd79c781ce7cb4fba2
Code Sign
Headers
Imports
Sections
-
Uninst.exe.nsis
-
default.xml
-
icons.bmp
-
images/amazon.bmp
-
images/ebay.bmp
-
images/email.bmp
-
images/email2.bmp
-
images/wikipedia.bmp
-
images/yahoo.bmp
-
localization.xml
-
patch.bat
-
settings
-
ticker.html
-
$TEMPImg/VerControl.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
$TEMPImg/askToolbarInstaller-1.9.1.0.exe
206513a2c97fa61166fe9ae13d91d955
Code Sign
Headers
Imports
Sections
-
$TEMPImg/chk.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
$TEMPImg/vcheck.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
$TEMPImg/ioClean.ini
-
Acknowledgements.txt
-
FreeiPhoneVideoConverter.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
FreeiPhoneVideoConverter.url
-
IrisSkin2.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Settings.ini
-
Uninst.exe
a23455b2d570c1e80b11b92360e41c00
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
iphone.ocvc
-
license.txt
-
tools/Engine.exe
84fea567b9c0a0768d6274d600db0301
Headers
Imports
Sections
-
tools/IrisSkin2.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
tools/MediaInfo.exe
Headers
Sections
-
tools/atrc3260.dll
6586f6b67922619ef0bd5f2a8e0679d6
Headers
Imports
Exports
Sections
-
tools/cook3260.dll
b6a8e24f32ad566499f8cb1ca7dd463c
Headers
Imports
Exports
Sections
-
tools/drv13260.dll
232d11e71e9db2c13e39696149eba4f6
Headers
Imports
Exports
Sections
-
tools/drv23260.dll
956ed08b4825cd8ff0c2b3fe8ba05ef3
Headers
Imports
Exports
Sections
-
tools/drv33260.dll
600d6f7c1cea6736e951ab7ecfe9da08
Headers
Imports
Exports
Sections
-
tools/drv43260.dll
e31d4509c91ceccd53040baa2421daf4
Headers
Imports
Exports
Sections
-
tools/libiconv-2.dll
675ccda1f32192df84274bba8d1000cd
Headers
Imports
Exports
Sections
-
tools/pncrt.dll
828907b7a8ec04c9c4031e40ef2f76ec
Headers
Imports
Exports
Sections
-
tools/registeri.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections
-
tools/registeri_y.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections
-
tools/shutdown.bat
-
tools/sipr3260.dll
c1935d65f94ed1568e2ba5a5eb73a065
Headers
Imports
Exports
Sections
-
tools/tokr3260.dll
4f44386571fd04bba8c0455dac3b4f1a
Headers
Imports
Exports
Sections