Overview

overview

7

Static

static

7

a/�...on.dll

windows7-x64

1

a/�...on.dll

windows10-2004-x64

1

a/�...ht.dll

windows7-x64

1

a/�...ht.dll

windows10-2004-x64

1

a/�...ch.dll

windows7-x64

1

a/�...ch.dll

windows10-2004-x64

1

a/�...ok.dll

windows7-x64

1

a/�...ok.dll

windows10-2004-x64

1

a/�...ib.vbs

windows7-x64

1

a/�...ib.vbs

windows10-2004-x64

1

a/�...ib.vbs

windows7-x64

1

a/�...ib.vbs

windows10-2004-x64

1

a/�...j1.exe

windows7-x64

7

a/�...j1.exe

windows10-2004-x64

7

a/�...F5.exe

windows7-x64

3

a/�...F5.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    42e1a5671412f19377c3619aa21f3fb3_JaffaCakes118

  • Size

    715KB

  • MD5

    42e1a5671412f19377c3619aa21f3fb3

  • SHA1

    e19ee53bac4117d32e059ee364e6d24f5637854f

  • SHA256

    63e17688dcf6c81a47b77c9db32b70f5ba83c6f1bf9dee72f6ef932cccd6a01f

  • SHA512

    344e507b57003ada78bedc4f4b8899c1649ccedf900771dc9ba736ab010e3b6b3d8a70d609a32d3312702f31f07e3672d96441fa6a0b8b95dbe7dfe3f34f38ec

  • SSDEEP

    12288:7VRZb6r9IEifBCY12PZ+7zupsTRrGikG79RvkjpxPtuC4wmB9zgojki46TT2BqE:tbeTLPonuaRr6GT6puv37in

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • 42e1a5671412f19377c3619aa21f3fb3_JaffaCakes118
    .zip
  • a/Fnew/415r.txt
  • a/Fnew/BException.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • a/Fnew/BException_cht.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • a/Fnew/QMDispatch.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • a/Fnew/Readme.txt
  • a/Fnew/envlist.txt
  • a/Fnew/hook.dll
    .dll windows:4 windows x86 arch:x86

    ea47dc4ff659733eb00bb53dea61a095


    Headers

    Imports

    Sections

  • a/Fnew/mymacro.ini
  • a/Fnew/qmacro.ini
  • a/Fnew/script/7r20 10 15_N0.txt
  • a/Fnew/script/bak/7r20 10 15new.txt
  • a/Fnew/script/stdlib.vbs
    .vbs
  • a/Fnew/script/pF.bmp
  • a/Fnew/stdlib.vbs
    .vbs
  • a/Fnew/tips.txt
  • a/Fnew/@ΰؽj1.EXE
    .exe windows:4 windows x86 arch:x86

    9c8decf3582072f6edfc385a689f44f4


    Headers

    Imports

    Sections

  • a/Fnew/F5.exe
    .exe windows:4 windows x86 arch:x86

    3c0e70bfa5f73f1f1cef484e2bcb5bf8


    Headers

    Imports

    Sections

  • a/Fnew/FɯŻ.txt