Overview

overview

7

Static

static

7

3c2f5be6cf...18.exe

windows7-x64

7

3c2f5be6cf...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Mame32.chm

windows7-x64

1

Mame32.chm

windows10-2004-x64

1

kailleraclient.dll

windows7-x64

1

kailleraclient.dll

windows10-2004-x64

7

mame32k.exe

windows7-x64

7

mame32k.exe

windows10-2004-x64

7

mame32kk.exe

windows7-x64

1

mame32kk.exe

windows10-2004-x64

1

zip32.dll

windows7-x64

3

zip32.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3c2f5be6cfc580a9d40a8308ee004ea6_JaffaCakes118

  • Size

    5.5MB

  • MD5

    3c2f5be6cfc580a9d40a8308ee004ea6

  • SHA1

    e57383a264c0b10f2fb8d9bf0a457489469f4898

  • SHA256

    e9065a54a9972820730e6ae609971210164ee304606cd189d0075422108ddd4d

  • SHA512

    f32880b7f447367f17b2de4fec35aabb6c912b11d828552860730c2c97b01bcd39f07e23a339f6b396eccac8008bececc6a0977563c4f231095836d810c6364f

  • SSDEEP

    98304:hqmFeot3HIeNXCY8HsPNpyX8hkSBTGxKx8+grc1Q+E76KVktSP/777PkYNj:hqk3JXCnMPThOxwccM76CpD8Yd

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 3c2f5be6cfc580a9d40a8308ee004ea6_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    dd1742eadfc6df18ded3c26ae64ad610


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • MAME32kui.ini
  • Main_dtdj.ini
  • Mame32.chm
    .chm
  • cfg/default.cfg
  • ini/MAME32k.ini
  • join.wav
  • kaillera.txt
  • kailleraclient.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • madmotor.zip
    .zip
  • 00
  • 01
  • 02
  • 03
  • 04
  • 05
  • 06
  • 07
  • 08
  • 09
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • ChinaEmu.nfo
  • read_me.txt
  • mame32k
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32kk.exe
    .exe windows:5 windows x86 arch:x86

    4dbc5d08df28b8f55d5238d42ee67fa8


    Headers

    Imports

    Sections

  • readme.txt
  • roms/madmotor.zip
    .zip
  • 00
  • 01
  • 02
  • 03
  • 04
  • 05
  • 06
  • 07
  • 08
  • 09
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • ChinaEmu.nfo
  • read_me.txt
  • roms/neogeo.zip
    .zip
  • neo-geo.rom
  • ng-lo.rom
  • ng-sfix.rom
  • ng-sm1.rom
  • zip32.dll
    .dll windows:4 windows x86 arch:x86

    db1e4d25a40dfd2a9f2ff326c81166fe


    Headers

    Imports

    Exports

    Sections