Overview

overview

7

Static

static

3

5f6ba4e352...18.exe

windows7-x64

7

5f6ba4e352...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

1

$R0.dll

windows10-2004-x64

1

$R2/NSIS.L...4_.exe

windows7-x64

1

$R2/NSIS.L...4_.exe

windows10-2004-x64

1

$SYSDIR/lame_enc.dll

windows7-x64

3

$SYSDIR/lame_enc.dll

windows10-2004-x64

3

bin/lame_enc.dll

windows7-x64

3

bin/lame_enc.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5f6ba4e352fc22c7b297e827116ec71d_JaffaCakes118

  • Size

    2.0MB

  • MD5

    5f6ba4e352fc22c7b297e827116ec71d

  • SHA1

    6513a96d9e58ffbb5fcd088284ed875b09a6bd5a

  • SHA256

    8c8d10fbaaa935d58148cd1d2aadcac64b019acd2a93a4f55daa0328c537a0f0

  • SHA512

    e8ef63191a3746eb10d12e92128f032b84ecd4f946bc32810a0f67b1c895b824f7c492872002f593f874376dff541fc626c592edeef47334ea92ee37b387c8b0

  • SSDEEP

    49152:2xTBsjOlI+tN9B7ndw2yIYJQcGRbGDcUfoH8PBQZ5mx/U4:23lI0Pnw2yIQBIbGDcUfBpQZgx/U4

Score
3/10

Malware Config

Signatures

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 5f6ba4e352fc22c7b297e827116ec71d_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $R0
    .dll regsvr32 windows:4 windows x86 arch:x86

    3708bef5cd6e5fb503b4de6477d1b421


    Headers

    Imports

    Exports

    Sections

  • $R2/NSIS.Library.RegTool.v3.$_4_.exe
    .exe windows:4 windows x86 arch:x86

    a56a9c58ddb2b2da8fde66551747ce70


    Headers

    Imports

    Sections

  • $SYSDIR/lame_enc.dll
    .dll windows:4 windows x86 arch:x86

    fa173586a4b0eb0918ead3f1c5015cc2


    Headers

    Imports

    Exports

    Sections

  • bin/COPYING.LGPL
  • bin/lame_enc.dll
    .dll windows:4 windows x86 arch:x86

    fa173586a4b0eb0918ead3f1c5015cc2


    Headers

    Imports

    Exports

    Sections

  • bin/readme.txt