Overview

overview

7

Static

static

3

651eb394ee...18.exe

windows7-x64

7

651eb394ee...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

6

$R0.dll

windows10-2004-x64

6

$R2/NSIS.L...0_.exe

windows7-x64

1

$R2/NSIS.L...0_.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    651eb394ee94ea87b0fed7a6f7c85fd9_JaffaCakes118

  • Size

    213KB

  • MD5

    651eb394ee94ea87b0fed7a6f7c85fd9

  • SHA1

    f1ea688ea4aeeeeb009723940dd6367c4f9a8072

  • SHA256

    a30d3ed028c6d2e6ec59be99abeb980aae3bde5f78c8db78f24b8bfa964a9741

  • SHA512

    039f1d6576c7d52c791415cfdbbe764b449d50c1c85a86c326ad64d2e894075a7da8c22a56743fa576cab79efb55b498e2921fe84b3f75cae155cd8939f4498f

  • SSDEEP

    3072:sQIURTXJaZaJsBsOOYv+QRLHgT1SZ9cW3S5+veLLLehVRY5G4p2PxEfGmrQtoplj:ssABBsOO0LAT1GmehV6L8EfKuWU

Score
3/10

Malware Config

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 651eb394ee94ea87b0fed7a6f7c85fd9_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86

    0ece15e7d9bb35972aec701f46192460


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    2274cc1534607459cdd304a928601ef9


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/superfish.bmp
  • $R0
    .dll regsvr32 windows:5 windows x86 arch:x86

    afa59bcfbbb803cada49a48c040ea4ea


    Headers

    Imports

    Exports

    Sections

  • $R2/NSIS.Library.RegTool.v3.$_50_.exe
    .exe windows:4 windows x86 arch:x86

    a56a9c58ddb2b2da8fde66551747ce70


    Headers

    Imports

    Sections

  • Settings.xml
    .xml
  • Uninstall.exe.nsis