Overview

overview

7

Static

static

3

3e06a712c6...18.exe

windows7-x64

7

3e06a712c6...18.exe

windows10-2004-x64

7

Закач...up.exe

windows7-x64

Закач...up.exe

windows10-2004-x64

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/A300...VER.7z

windows7-x64

3

$TEMP/A300...VER.7z

windows10-2004-x64

3

install.html

windows7-x64

1

install.html

windows10-2004-x64

1

js/bramus/...ler.js

windows7-x64

3

js/bramus/...ler.js

windows10-2004-x64

3

js/prototy...ype.js

windows7-x64

3

js/prototy...ype.js

windows10-2004-x64

3

lic.html

windows7-x64

1

lic.html

windows10-2004-x64

1

page.html

windows7-x64

1

page.html

windows10-2004-x64

1

page2.html

windows7-x64

1

page2.html

windows10-2004-x64

1

page3.html

windows7-x64

1

page3.html

windows10-2004-x64

1

page4.html

windows7-x64

1

page4.html

windows10-2004-x64

1

page5.html

windows7-x64

1

page5.html

windows10-2004-x64

1

page7.html

windows7-x64

1

page7.html

windows10-2004-x64

1

skype/install.html

windows7-x64

1

skype/install.html

windows10-2004-x64

1

skype/js/b...ler.js

windows7-x64

3

skype/js/b...ler.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3e06a712c6d5ffc1925839bfa2829ee8_JaffaCakes118

  • Size

    3.3MB

  • MD5

    3e06a712c6d5ffc1925839bfa2829ee8

  • SHA1

    1545d3b2765d02b0b599adf2a7d1b4b10c55b1b2

  • SHA256

    e3700da64eb073a95b0b3d4306c4a77c4de6c02c954a545bb63edbc3917c88f4

  • SHA512

    5af1ddaa2aa413b41825de35e4b40838587551c9e7478836b117a9c5f20ac4bcdb1820c15efc5ec413354a3f0ce0e58d79cfa800c7e5adec5a10a7912fe89d92

  • SSDEEP

    49152:5w1bkdEF62K1kixxXexH1KKxrpQpE7vWCTdAD8a+YPmvmJ1sdeKUtpYsvqmZRukl:5ak1PMWqDZM/vm+Hm3UtPfRujyO6PzN

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 3e06a712c6d5ffc1925839bfa2829ee8_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $EXEDIR/Skype 5.7z
    .7z
  • Закачка/SkypeSetup.exe
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $TEMP/A3006253/COMMENT
  • $TEMP/A3006253/COVER
    .7z .js polyglot
  • images/bramus/percentImage.gif
    .gif
  • images/bramus/percentImage.png
    .png
  • images/bramus/percentImage_back.png
    .png
  • images/free.png
    .png
  • images/header-Install.png
    .png
  • images/header-skype.png
    .png
  • images/header.png
    .png
  • images/icons/add.gif
    .gif
  • images/icons/empty.gif
    .gif
  • images/icons/fill.gif
    .gif
  • images/icons/get.gif
    .gif
  • images/icons/minus.gif
    .gif
  • images/icons/set.gif
    .gif
  • images/install.png
    .png
  • images/one.png
    .png
  • images/two.png
    .png
  • install.html
    .js
  • js/bramus/jsProgressBarHandler.js
    .js
  • js/prototype/prototype.js
    .js
  • lic.html
  • page.html
  • page2.html
  • page3.html
  • page4.html
  • page5.html
  • page7.html
  • skype/images/bramus/percentImage.gif
    .gif
  • skype/images/bramus/percentImage.png
    .png
  • skype/images/bramus/percentImage_back.png
    .png
  • skype/images/free.png
    .png
  • skype/images/header-Install.png
    .png
  • skype/images/header-skype.png
    .png
  • skype/images/header.png
    .png
  • skype/images/icons/add.gif
    .gif
  • skype/images/icons/empty.gif
    .gif
  • skype/images/icons/fill.gif
    .gif
  • skype/images/icons/get.gif
    .gif
  • skype/images/icons/minus.gif
    .gif
  • skype/images/icons/set.gif
    .gif
  • skype/images/install.png
    .png
  • skype/images/one.png
    .png
  • skype/images/two.png
    .png
  • skype/install.html
    .js
  • skype/js/bramus/jsProgressBarHandler.js
    .js
  • skype/js/prototype/prototype.js
    .js
  • skype/lic.html
  • skype/page.html
  • skype/page2.html
  • skype/page3.html
  • skype/page4.html
  • skype/page5.html
  • skype/page7.html
  • skype/text.html
  • text.html
  • $TEMP/A3006253/CST
  • $TEMP/A3006253/FLIST
  • $TEMP/A3006253/IDV
  • $TEMP/A3006253/INFO
  • $TEMP/A3006253/action1.dll
    .dll windows:5 windows x86 arch:x86

    395b12ee5d5cba0a671dcace60606094


    Headers

    Imports

    Exports

    Sections

  • $TEMP/A3006253/ico.dat
  • $TEMP/A3006253/sfx7.dll
    .dll windows:5 windows x86 arch:x86

    b025e79b2d77b0f41dc4579eec02a14e


    Headers

    Imports

    Exports

    Sections

  • $TEMP/A3006253/zar.dll
    .dll windows:4 windows x86 arch:x86

    3726b8c597bbd6bac65abe3d0400a84f


    Headers

    Imports

    Exports

    Sections

  • C:/Users/1/AppData/Local/Temp/Build/COMMENT
  • C:/Users/1/AppData/Local/Temp/Build/COVER
    .7z .js polyglot
  • images/bramus/percentImage.gif
    .gif
  • images/bramus/percentImage.png
    .png
  • images/bramus/percentImage_back.png
    .png
  • images/free.png
    .png
  • images/header-Install.png
    .png
  • images/header-skype.png
    .png
  • images/header.png
    .png
  • images/icons/add.gif
    .gif
  • images/icons/empty.gif
    .gif
  • images/icons/fill.gif
    .gif
  • images/icons/get.gif
    .gif
  • images/icons/minus.gif
    .gif
  • images/icons/set.gif
    .gif
  • images/install.png
    .png
  • images/one.png
    .png
  • images/two.png
    .png
  • install.html
    .js
  • js/bramus/jsProgressBarHandler.js
    .js
  • js/prototype/prototype.js
    .js
  • lic.html
  • page.html
  • page2.html
  • page3.html
  • page4.html
  • page5.html
  • page7.html
  • skype/images/bramus/percentImage.gif
    .gif
  • skype/images/bramus/percentImage.png
    .png
  • skype/images/bramus/percentImage_back.png
    .png
  • skype/images/free.png
    .png
  • skype/images/header-Install.png
    .png
  • skype/images/header-skype.png
    .png
  • skype/images/header.png
    .png
  • skype/images/icons/add.gif
    .gif
  • skype/images/icons/empty.gif
    .gif
  • skype/images/icons/fill.gif
    .gif
  • skype/images/icons/get.gif
    .gif
  • skype/images/icons/minus.gif
    .gif
  • skype/images/icons/set.gif
    .gif
  • skype/images/install.png
    .png
  • skype/images/one.png
    .png
  • skype/images/two.png
    .png
  • skype/install.html
    .js
  • skype/js/bramus/jsProgressBarHandler.js
    .js
  • skype/js/prototype/prototype.js
    .js
  • skype/lic.html
  • skype/page.html
  • skype/page2.html
  • skype/page3.html
  • skype/page4.html
  • skype/page5.html
  • skype/page7.html
  • skype/text.html
  • text.html
  • C:/Users/1/AppData/Local/Temp/Build/FLIST
  • C:/Users/1/AppData/Local/Temp/Build/IDV
  • C:/Users/1/AppData/Local/Temp/Build/INFO
  • C:/Users/1/AppData/Local/Temp/Build/ico.dat
  • C:/Users/1/AppData/Local/Temp/Build/ico.ico