Overview

overview

8

Static

static

7

3d0e6ae404...18.exe

windows7-x64

8

3d0e6ae404...18.exe

windows10-2004-x64

8

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...et.dll

windows7-x64

3

$PLUGINSDI...et.dll

windows10-2004-x64

3

$PLUGINSDIR/img.dll

windows7-x64

3

$PLUGINSDIR/img.dll

windows10-2004-x64

3

$PLUGINSDI...le.dll

windows7-x64

3

$PLUGINSDI...le.dll

windows10-2004-x64

3

$PLUGINSDI...ML.dll

windows7-x64

3

$PLUGINSDI...ML.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    3d0e6ae40414b357518eebbaf8b7de0f_JaffaCakes118

  • Size

    195KB

  • MD5

    3d0e6ae40414b357518eebbaf8b7de0f

  • SHA1

    110eb2c0b0b5425b48e605ec779de2fe319770b0

  • SHA256

    eab49a777d58d86d91ec023c579c98d9cae1c517d39583bca5055bc7565957c5

  • SHA512

    c2ee5a7348a04d1cad4b87250cd65f909e01fd60654cfbb13b73c2cc802b561970d8b09a594fd10ef85f9883be867f74dcd457bfdf8c52b41778665351885408

  • SSDEEP

    1536:Vfa7kS9P7Lxt4FvOsq3TmLOONHxOt5k7pOPf26Q8pIVztHXUj3uD46JgjhF1Jaiu:o7kS9P7LxqVXOHktcOV8pLjijYEi8T

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 3d0e6ae40414b357518eebbaf8b7de0f_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    51cc377db2a9db8d63bafd8fe8dffb97


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/httpget.dll
    .dll windows:4 windows x86 arch:x86

    eb42b4b67227f576aef6a2e83ac8ef5e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/img.dll
    .dll windows:4 windows x86 arch:x86

    8244405577263a4c327ca6eebef5b3d5


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisFile.dll
    .dll windows:4 windows x86 arch:x86

    722b4c6354d0d74582e6b8b9621ef62c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisXML.dll
    .dll windows:4 windows x86 arch:x86

    177dccc4d0323e428824818efd241cc7


    Headers

    Imports

    Exports

    Sections

  • $TEMP/bullet.bmp
  • $TEMP/no-cover.jpg
    .jpg
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • utils.jar
    .zip
  • org/sevenzip/decoder/CRC.class
  • org/sevenzip/decoder/LzmaAloneDecoder$CommandLine.class
  • org/sevenzip/decoder/LzmaAloneDecoder.class
  • org/sevenzip/decoder/LzmaException.class
  • org/sevenzip/decoder/SevenZipFolderDecoder.class
  • org/sevenzip/decoder/compression/lz/OutWindow.class
  • org/sevenzip/decoder/compression/lzma/Base.class
  • org/sevenzip/decoder/compression/lzma/Decoder$LenDecoder.class
  • org/sevenzip/decoder/compression/lzma/Decoder$LiteralDecoder$Decoder2.class
  • org/sevenzip/decoder/compression/lzma/Decoder$LiteralDecoder.class
  • org/sevenzip/decoder/compression/lzma/Decoder.class
  • org/sevenzip/decoder/compression/rangecoder/BitTreeDecoder.class
  • org/sevenzip/decoder/compression/rangecoder/Decoder.class
  • ru/megamakc/core/hash/ProgressListener.class
  • ru/megamakc/core/path/IPathConverter.class
  • ru/megamakc/core/tools/FileHelperBase.class
  • ru/megamakc/zip/IZipCreator.class
  • ru/megamakc/zip/ZipHelper$1.class
  • ru/megamakc/zip/ZipHelper$ZipDeflatedStream.class
  • ru/megamakc/zip/ZipHelper.class