General

  • Target

    48efac186e9b13c293153629f60376d8_JaffaCakes118

  • Size

    1.1MB

  • MD5

    48efac186e9b13c293153629f60376d8

  • SHA1

    4fde6f0e4833e3812a71e0dd2f99cb6f3a13de3d

  • SHA256

    9374ddce01ef128b4e6dcb4baf7de1bf4b17024ff58fbb9fd2c01f9cebd6fbaf

  • SHA512

    c4dea4b30522ba4e37ae3e0a108d42fdee04bb0eccbd7cde1dc071e2b400bdcf2855dc62be2866649f60aa82c6b49f203b02d9d19ab216ffa294228da29d3aa5

  • SSDEEP

    24576:LqaAReuFqacorBTmC8PimgAKeeiRiovQJS2Lxzy9bStwcDbdiQZi4qO:LbAReuRc2ePLKAlepYEwZQuO

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • 48efac186e9b13c293153629f60376d8_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • License.txt
  • Miranda Password Recovery Help.chm
    .chm
  • MirandaPasswordRecovery.exe
    .exe windows:5 windows x86 arch:x86

    2fe73e7b76fcf22f6e2c6830313ff36e



  • image/AboutMiranda.bmp
  • image/Bottom.bmp
  • image/ButtonBuyNow.bmp
  • image/ButtonCancel.bmp
  • image/ButtonClose.bmp
  • image/ButtonEvaluate.bmp
  • image/ButtonExit.bmp
  • image/ButtonMin.bmp
  • image/ButtonOK.bmp
  • image/ButtonRecovery.bmp
  • image/Left.bmp
  • image/Right.bmp
  • image/Thumbs.db
  • image/Top.bmp
  • image/TopAbout.bmp
  • image/TopBuyNow.bmp
  • image/TopFound.bmp
  • image/TopRegistration.bmp
  • image/about.bmp
  • image/buynow.bmp
  • image/help.bmp
  • image/left_panel.bmp
  • image/list_hearder.bmp
  • image/register.bmp
  • image/top_panel.bmp
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e

