General

  • Target: 625bf2a6585da6b2f05a1bca2e1fe36f_JaffaCakes118
  • Size: 6.4MB
  • MD5: 625bf2a6585da6b2f05a1bca2e1fe36f
  • SHA1: e73332882fe23c2e9bcf542558958cdc0456609a
  • SHA256: a337a3840f5cc454208fb90d6624ceb98607088b5f91ea2fa2ed8597c6ba2f61
  • SHA512: 67bea5fb4c2642f7f4adb259813dca597ea0c028cf1b917fc07cdd629c0d3266f50777c9242ea74b4b80213afb82ddc3153205b8800f992f7e017535fb96df80
  • SSDEEP: 196608:HFKDanajbyfgnllJem6ksvhc7+a9M1WTHVDb13V8dU2kAom:HFsq+6gnHJukmc616VDb1Gde1m

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 4 IoCs

    Detects file using ACProtect software.

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 52 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 8 IoCs

Files

  • 625bf2a6585da6b2f05a1bca2e1fe36f_JaffaCakes118
    .rar
  • IPODsetup.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e

  • $PLUGINSDIR/Banner.dll
    .dll windows:4 windows x86 arch:x86

    7a3709b093081d5614be1eaa2fe7fe76

  • $PLUGINSDIR/BrandingURL.dll
    .dll windows:4 windows x86 arch:x86

    135de77644e2add2fd9dd8176740e7e0

  • $PLUGINSDIR/Delay.dll
    .dll windows:4 windows x86 arch:x86

    bb13ae3bcb238d1bf689a931b2a56cd6

  • $PLUGINSDIR/Downloader.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    0719bab1ded9f205ce51560901cb3911

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    0719bab1ded9f205ce51560901cb3911

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80

  • $SYSDIR/avisynth.dll
    .dll windows:4 windows x86 arch:x86

  • $SYSDIR/avsplugin/ds.dll
    .dll windows:4 windows x86 arch:x86

  • out.upx
    .dll windows:4 windows x86 arch:x86

  • $SYSDIR/devil.dll
    .dll windows:4 windows x86 arch:x86

    539dc2de9957ed66b1a3e23a9e595fd9

  • $SYSDIR/ds.dll
    .dll windows:4 windows x86 arch:x86

  • out.upx
    .dll windows:4 windows x86 arch:x86

  • $SYSDIR/etherh264.dll
    .dll windows:4 windows x86 arch:x86

    67134e545652ed6bb28c7690063dcc3e

  • $SYSDIR/pncrt.dll
    .dll windows:4 windows x86 arch:x86

    828907b7a8ec04c9c4031e40ef2f76ec

  • $SYSDIR/pthreadGC2.dll
    .dll windows:4 windows x86 arch:x86

    4ed4b97c004af0f3c95aeb69c247d60b

  • ColorFilter.ax
    .dll regsvr32 windows:4 windows x86 arch:x86

    979e0f84feee8bd249cecc46473e5ef2

  • Downloader.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    0719bab1ded9f205ce51560901cb3911

  • HtmlView.fne
    .dll windows:4 windows x86 arch:x86

    7cf927755417252449a422e31928491b

  • MoviePlayer.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    ec32bf7c116effb11e6c21ca64047f4b

  • RealMediaSplitter.ax
    .dll regsvr32 windows:4 windows x86 arch:x86

    092c362fafa1e9277558c0e5612fdfba

  • SkinMagic.dll
    .dll windows:4 windows x86 arch:x86

    17c01c37c9a203f4e480989938af599f

  • Up.Ini
  • asfsplliter.ax
    .dll regsvr32 windows:4 windows x86 arch:x86

    61540ae4d5f1fe29babe6b430f77a241

  • atrc.dll
    .dll windows:4 windows x86 arch:x86

    5132cde9ac8899a69f40dfaacc320c4d

  • cook.dll
    .dll windows:4 windows x86 arch:x86

    7186ef18b8145b9efacd73914d40cee0

  • devil.dll
    .dll windows:4 windows x86 arch:x86

    539dc2de9957ed66b1a3e23a9e595fd9

  • downlib.fne
    .dll windows:4 windows x86 arch:x86

    5b7b89cf97e6c9cb92a256b4dc3df833

  • drvc.com
    .exe windows:4 windows x86 arch:x86

    8ae851fad16e8c0e2f4ede2047717ea7

  • drvc.dll
    .dll windows:4 windows x86 arch:x86

    5d841dc9603dda4e7058b842c1dedbfc

  • ds.dll
    .dll windows:4 windows x86 arch:x86

  • out.upx
    .dll windows:4 windows x86 arch:x86

  • eCompress.fne
    .dll windows:4 windows x86 arch:x86

    8ff650a0e5dac613c5ee06a64bb8862b

  • ether.dll
    .dll windows:4 windows x86 arch:x86

    74fc5bc0ccbd06050b4bf237e858cd6f

  • etheraac.dll
    .dll windows:4 windows x86 arch:x86

    55e8afd7b436bd26c0b5ecea6bb9112a

  • etheraad.dll
    .dll windows:4 windows x86 arch:x86

    f3416510778e0ed24c0a63ebcddf420e

  • etheravs.exe
    .exe windows:4 windows x86 arch:x86

    f8c4dd6701597351802bdda218fd46d4

  • internet.fne
    .dll windows:4 windows x86 arch:x86

    a0ac47f87c51f127efa0e1a85fead828

  • ipod.exe
    .exe windows:4 windows x86 arch:x86

    ae0a5112fe1176f4e5f6e1bc95e4c209

  • krnln.fnr
    .dll windows:4 windows x86 arch:x86

    1021c4a553644f3ae1cb67958917960d

  • libmp3lame-0.dll
    .dll windows:4 windows x86 arch:x86

    964d7a9742ef4649521cb051fa6fedd4

  • option.ini
  • pncrt.dll
    .dll windows:4 windows x86 arch:x86

    828907b7a8ec04c9c4031e40ef2f76ec

  • pthreadGC2.dll
    .dll windows:4 windows x86 arch:x86

    4ed4b97c004af0f3c95aeb69c247d60b

  • raac.dll
    .dll windows:4 windows x86 arch:x86

    2569b16af6a5e82c06ef6aed87f5e148

  • shell.fne
    .dll windows:4 windows x86 arch:x86

    7bfe20f314273547fb9502c64706871e

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e

  • updata.exe
    .exe windows:4 windows x86 arch:x86

    ae0a5112fe1176f4e5f6e1bc95e4c209

  • xvidcore.dll
    .dll windows:4 windows x86 arch:x86

    64a887ac6543ea563d71739a0a786b8f

  • 新云软件.url
    .url