Overview

overview

7

Static

static

7

mppjsetup.exe

windows7-x64

7

mppjsetup.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

client/index.html

windows7-x64

1

client/index.html

windows10-2004-x64

1

client/view/list.exe

windows7-x64

1

client/view/list.exe

windows10-2004-x64

1

data.exe

windows7-x64

1

data.exe

windows10-2004-x64

1

mppj.exe

windows7-x64

4

mppj.exe

windows10-2004-x64

4

mpsoftup.exe

windows7-x64

3

mpsoftup.exe

windows10-2004-x64

7

mpweb.exe

windows7-x64

1

mpweb.exe

windows10-2004-x64

1

readme.htm

windows7-x64

1

readme.htm

windows10-2004-x64

1

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    4a14a2901dff6245432020161b63e68d_JaffaCakes118

  • Size

    5.2MB

  • MD5

    4a14a2901dff6245432020161b63e68d

  • SHA1

    1f7464209bbd313eed1046113fa8fd4a9328f3b0

  • SHA256

    00367862732206c75d41ad265f67b9d285ab36120aa318ae4e4d331cdc7ecbd0

  • SHA512

    2732b5dfb4eed73c817b9b2b3d81410de8e1042eb9a073955c756199986c13dccbb96d68087f72eeb6e7424558e1e99fede177ef1a3d5e3dae9ca30f3f6cbc5f

  • SSDEEP

    98304:I5dKB/IeKP3xpfHjErghvSuxJjn3l55IsYjDCH5Y+s/znteyRP:I50GeaBtDKovSC11ZYAc

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 4a14a2901dff6245432020161b63e68d_JaffaCakes118
    .rar
  • mppjsetup.exe
    .exe windows:4 windows x86 arch:x86

    9632e80596371cfa7f563f680f3c4498


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3764e6c387ce3c76b39936a24d523dce


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/advsplash.dll
    .dll windows:4 windows x86 arch:x86

    41e025c99a5f731479582ce64a2527f4


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/spltmp.bmp
  • client/index.html
    .html
  • client/view/list.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • data.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • data/mpdata.mdb
  • help/about.jpg
    .jpg
  • help/before.gif
    .gif
  • help/boxset.jpg
    .jpg
  • help/rjdj.gif
    .gif
  • help/rjqy.gif
    .gif
  • help/snap1.jpg
    .jpg
  • help/snap10.jpg
    .jpg
  • help/snap11.jpg
    .jpg
  • help/snap12.gif
  • help/snap13.jpg
    .jpg
  • help/snap14.jpg
    .jpg
  • help/snap15.jpg
    .jpg
  • help/snap16.jpg
    .jpg
  • help/snap17.jpg
    .jpg
  • help/snap18.jpg
    .jpg
  • help/snap19.jpg
    .jpg
  • help/snap2.jpg
    .jpg
  • help/snap20.jpg
    .jpg
  • help/snap21.jpg
    .jpg
  • help/snap22.jpg
    .jpg
  • help/snap23.jpg
    .jpg
  • help/snap24.jpg
    .jpg
  • help/snap25.jpg
    .jpg
  • help/snap26.jpg
    .jpg
  • help/snap27.jpg
    .jpg
  • help/snap28.jpg
    .jpg
  • help/snap29.jpg
    .jpg
  • help/snap3.jpg
    .jpg
  • help/snap30.jpg
    .jpg
  • help/snap31.jpg
    .jpg
  • help/snap32.jpg
    .jpg
  • help/snap33.jpg
    .jpg
  • help/snap34.jpg
    .jpg
  • help/snap35.jpg
    .jpg
  • help/snap36.jpg
    .jpg
  • help/snap37.jpg
    .jpg
  • help/snap38.jpg
    .jpg
  • help/snap39.jpg
    .jpg
  • help/snap4.jpg
    .jpg
  • help/snap5.jpg
    .jpg
  • help/snap6.jpg
    .jpg
  • help/snap7.jpg
    .jpg
  • help/snap8.jpg
    .jpg
  • help/snap9.jpg
    .jpg
  • mppj.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • mpsoftup.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mpsoftup.ini
  • mpweb.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • readme.htm
    .html
  • report/RMcf.mtf
  • report/RMfy.mtf
  • report/RMghssp.mtf
  • report/RMhkjl.mtf
  • report/RMhkjs.mtf
  • report/RMkb.mtf
  • report/RMkcdb.mtf
  • report/RMkhfk.mtf
  • report/RMkhjh.mtf
  • report/RMlsxs.mtf
  • report/RMpfxs.mtf
  • report/RMposxs.mtf
  • report/RMspbs.mtf
  • report/RMspby.mtf
  • report/RMsr.mtf
  • report/RMwxd.mtf
  • report/RMxsth.mtf
  • report/rmcgjh.mtf
  • report/rmcgth.mtf
  • report/rmghsfk.mtf
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    9632e80596371cfa7f563f680f3c4498


    Headers

    Imports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • 新云软件.url
    .url