Overview

overview

7

Static

static

7

gamebox.exe

windows7-x64

7

gamebox.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$SYSDIR/Ma...9o.dll

windows7-x64

1

$SYSDIR/Ma...9o.dll

windows10-2004-x64

1

$SYSDIR/Ma...9o.dll

windows7-x64

1

$SYSDIR/Ma...9o.dll

windows10-2004-x64

1

$SYSDIR/mscomctl.dll

windows7-x64

1

$SYSDIR/mscomctl.dll

windows10-2004-x64

1

Config.dll

windows7-x64

1

Config.dll

windows10-2004-x64

1

Gamebox.exe

windows7-x64

7

Gamebox.exe

windows10-2004-x64

7

ShellUI.dll

windows7-x64

1

ShellUI.dll

windows10-2004-x64

1

UI_6.dll

windows7-x64

7

UI_6.dll

windows10-2004-x64

7

Update.dll

windows7-x64

1

Update.dll

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    458914a6b1e03217d9be0715803228be_JaffaCakes118

  • Size

    2.4MB

  • MD5

    458914a6b1e03217d9be0715803228be

  • SHA1

    2d22810d89c25ddd740f728f2a37892965c37b2e

  • SHA256

    5ffbf12675bb0a3af407a83e83d85adee93e4fb76154f43340963d4f621a9a43

  • SHA512

    1cb7a9a6d788fecc50b9712cefc23c5df1c7c49ef115060125c7878e8b5ab50aa99090de7c4339e204cd395c275bfab53aaffb68f1f1bf0d8a2b8fffd2211726

  • SSDEEP

    49152:JRkE2LXKqBu2VhZakJ+oV7oMHzDb43LqMEyeEqDF0fdJqXkMs6XN:B2LFu2VHJ+o0M743GMEywkBgN

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 458914a6b1e03217d9be0715803228be_JaffaCakes118
    .rar
  • gamebox.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/page-fin.ini
  • $SYSDIR/Macromed/Flash/Flash9o.oca
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $SYSDIR/Macromed/Flash/Flash9o.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    e4a373bd0b313bea693aa9c05a492c7c


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/mscomctl.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    ce21923007044b1701a0b2dc4ac9396b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Config.dll
  • Favorite.mdb
  • Gamebox.DEP
  • Gamebox.exe
    .exe windows:4 windows x86 arch:x86

    bc4dd82e4012c0c1eed47f440c709dad


    Headers

    Imports

    Sections

  • ImgLoading.gif
    .gif
  • LDsend.Dll
    .xml
  • ShellUI.dll
    .dll windows:5 windows x86 arch:x86

    46f15e13573f4c80c51eae026f26665b


    Headers

    Imports

    Exports

    Sections

  • Skinh.she
  • UI_6.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Update.dll
  • VerTmp.Dll
    .xml
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • 新云软件.url
    .url