Overview

overview

7

Static

static

7

4648364ab5...18.exe

windows7-x64

7

4648364ab5...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Mame32.chm

windows7-x64

1

Mame32.chm

windows10-2004-x64

1

kailleraclient.dll

windows7-x64

7

kailleraclient.dll

windows10-2004-x64

7

mame32k.exe

windows7-x64

7

mame32k.exe

windows10-2004-x64

7

mame32kk.exe

windows7-x64

1

mame32kk.exe

windows10-2004-x64

1

zip32.dll

windows7-x64

3

zip32.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4648364ab5e03f300bccf2f0c468835f_JaffaCakes118

  • Size

    6.0MB

  • MD5

    4648364ab5e03f300bccf2f0c468835f

  • SHA1

    bfe90fcf3a27c0b01659e5d00f3bf08c6a117f35

  • SHA256

    4dadd2ae2ce2ca289a1cb04a75bdf6ea5c729327e3529b75dc68e0e857f2697e

  • SHA512

    0907200c4f2243a183fec4982e32d2f3b481bd3342e89e12e8a004fe3af0842cb6a313e5f32e34dc5aa9c1f84cd961eb3366a617c8dc4ba9d90d3b1aaa6fbb36

  • SSDEEP

    98304:+qmFeot3HIeNXCY8HsPNpyX8hkSBTGxKx8+grc1Q+ER7VrFm4Y6YBfgVRVHrD:+qk3JXCnMPThOxwccMZ6j6YFgZHrD

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • 4648364ab5e03f300bccf2f0c468835f_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    dd1742eadfc6df18ded3c26ae64ad610


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • MAME32kui.ini
  • Main_dtdj.ini
  • Mame32.chm
    .chm
  • cfg/default.cfg
  • ctribe.zip
    .zip
  • ChinaEmu.nfo
  • ct_ep2.rom
  • ct_ep4.rom
  • ct_ep5.rom
  • ct_ep6.rom
  • ct_ep7.rom
  • ct_ep8.rom
  • ct_mr0.rom
  • ct_mr1.rom
  • ct_mr2.rom
  • ct_mr3.rom
  • ct_mr4.rom
  • ct_mr5.rom
  • ct_mr6.rom
  • ct_mr7.rom
  • ct_mr8.rom
  • ic-25
  • ic-26
  • read_me.txt
  • ini/MAME32k.ini
  • join.wav
  • kaillera.txt
  • kailleraclient.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32k
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32kk.exe
    .exe windows:5 windows x86 arch:x86

    4dbc5d08df28b8f55d5238d42ee67fa8


    Headers

    Imports

    Sections

  • readme.txt
  • roms/ctribe.zip
    .zip
  • ChinaEmu.nfo
  • ct_ep2.rom
  • ct_ep4.rom
  • ct_ep5.rom
  • ct_ep6.rom
  • ct_ep7.rom
  • ct_ep8.rom
  • ct_mr0.rom
  • ct_mr1.rom
  • ct_mr2.rom
  • ct_mr3.rom
  • ct_mr4.rom
  • ct_mr5.rom
  • ct_mr6.rom
  • ct_mr7.rom
  • ct_mr8.rom
  • ic-25
  • ic-26
  • read_me.txt
  • roms/neogeo.zip
    .zip
  • neo-geo.rom
  • ng-lo.rom
  • ng-sfix.rom
  • ng-sm1.rom
  • zip32.dll
    .dll windows:4 windows x86 arch:x86

    db1e4d25a40dfd2a9f2ff326c81166fe


    Headers

    Imports

    Exports

    Sections