exec
isdone
wait
General
-
Target
632493e000925f29c255af6c61073bcb_JaffaCakes118
-
Size
14.0MB
-
MD5
632493e000925f29c255af6c61073bcb
-
SHA1
32ed21cf675146b7876d8dbdd1a46c85a427b68f
-
SHA256
714ab6dbc0013d8ace4afd403a2b95706461fcacde96d4f834382bb936d3a70d
-
SHA512
61f6bf69c76c036d687c9244092a77290f041064dc04c1827b0bbae993cad920c25a0f39a2312cedbc680fa8ace625dfadaf9e4f4b7fe045f1756822033e3e09
-
SSDEEP
393216:DpkhnXpAq02BDEd38OsA9JLpycxA7C2xgen:DWnXpA8438hAZycxoCIvn
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 57 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 13 IoCs
Files
-
632493e000925f29c255af6c61073bcb_JaffaCakes118
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
2dfc6a992d004b736e85c64219a88b4a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
b1cd0d78f652ce5fc63f0879371af012
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/iOClean.ini
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$TEMPImg/Installer.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$TEMPImg/FVM.exe
81638d02019c0bfcaaf23a9c69f2f12c
Code Sign
Headers
Imports
Sections
-
$TEMPImg/PazeraToolbar.exe
7fa974366048f9c551ef45714595665e
Code Sign
Headers
Imports
Sections
-
$PLUGINSDIR/CABSetup.dll
5070fa13a62547a5beae58004a204cbb
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InetLoad.dll
24a4a671f5cc294ce3543d18a1e873cd
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
57354bdeea3dfae6e948101add87501a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ScrollLicense.dll
674bbf1e72dbf6f2664d8aea288261e0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/UserInfo.dll
48cfa0ea7e353e4a7dd23572da8374ef
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/dca.ini
-
$PLUGINSDIR/frtb_static_files.cab
-
Helper.dll
34a3df05d2cc08ee3da4457ce628c357
Headers
Imports
Exports
Sections
-
ImageConversion.dll
44781c6895de7935eaa213d8ae356e35
Headers
Imports
Exports
Sections
-
RSSReader_plugin.dll
a654a29e2f99af5247506fac6ee4864b
Headers
Imports
Exports
Sections
-
RadioPlugin.dll
8e37a09dc6394fe8978f45de107c05a9
Headers
Imports
Exports
Sections
-
SearchComponent.dll
6299116dafc34c4ef19d19e43b8d6694
Headers
Imports
Exports
Sections
-
Toolbar.dll
be7add6560b15c5bc3f7a0b1f583a08e
Headers
Imports
Exports
Sections
-
TroubleShooter.exe
7e560e1cf79aa015363d94a640ecdbbb
Headers
Imports
Sections
-
aboutTabs.7.js
-
aboutTabs.8.js
-
audio.bmp
-
banner_container.html
-
blockcursor.cur
-
blocksound.wav
-
bookmark_off.bmp
-
bookmark_on.bmp
-
bookmarksplugin.dll
e563b5e0ac42ca459ba9f51cfd361743
Headers
Imports
Exports
Sections
-
bubble_permissions.html
-
build
-
caching_banner.html
-
chevron.bmp
-
component.xsl
-
efolder.bmp
-
email.bmp
-
email2.bmp
-
emailchecker_plugin.dll
12417e76af468159503b8e5ed44b08c9
Headers
Imports
Exports
Sections
-
facebook.feature
-
fbrss.xsl
-
ff.xsl
-
folder.bmp
-
gedit.exe
a795589b34089fa942ee977fd356efd0
Headers
Imports
Sections
-
iefavelem.bmp
-
images/msgbox/down.gif
-
images/msgbox/hr.bmp
-
images/msgbox/mark.png
-
images/msgbox/mark_do.png
-
images/msgbox/mark_na.png
-
images/msgbox/navbg.bmp
-
images/msgbox/refresh.png
-
images/msgbox/refresh_do.png
-
images/msgbox/refresh_na.png
-
images/msgbox/trash.png
-
images/msgbox/trash_do.png
-
images/msgbox/trash_na.png
-
images/msgbox/unmark.png
-
images/msgbox/unmark_do.png
-
images/msgbox/unmark_na.png
-
images/msgbox/up.gif
-
images/ticker/left.gif
-
images/ticker/right.gif
-
images/weather/0.bmp
-
images/weather/1.bmp
-
images/weather/10.bmp
-
images/weather/11.bmp
-
images/weather/12.bmp
-
images/weather/13.bmp
-
images/weather/14.bmp
-
images/weather/15.bmp
-
images/weather/16.bmp
-
images/weather/17.bmp
-
images/weather/18.bmp
-
images/weather/19.bmp
-
images/weather/2.bmp
-
images/weather/20.bmp
-
images/weather/21.bmp
-
images/weather/22.bmp
-
images/weather/23.bmp
-
images/weather/24.bmp
-
images/weather/25.bmp
-
images/weather/26.bmp
-
images/weather/27.bmp
-
images/weather/28.bmp
-
images/weather/29.bmp
-
images/weather/3.bmp
-
images/weather/30.bmp
-
images/weather/31.bmp
-
images/weather/32.bmp
-
images/weather/33.bmp
-
images/weather/34.bmp
-
images/weather/35.bmp
-
images/weather/36.bmp
-
images/weather/37.bmp
-
images/weather/38.bmp
-
images/weather/39.bmp
-
images/weather/4.bmp
-
images/weather/40.bmp
-
images/weather/41.bmp
-
images/weather/42.bmp
-
images/weather/43.bmp
-
images/weather/44.bmp
-
images/weather/45.bmp
-
images/weather/46.bmp
-
images/weather/47.bmp
-
images/weather/5.bmp
-
images/weather/6.bmp
-
images/weather/7.bmp
-
images/weather/8.bmp
-
images/weather/9.bmp
-
images/weather/hr.bmp
-
images/weather/na.bmp
-
images/weather/png/0.png
-
images/weather/png/1.png
-
images/weather/png/10.png
-
images/weather/png/11.png
-
images/weather/png/12.png
-
images/weather/png/13.png
-
images/weather/png/14.png
-
images/weather/png/15.png
-
images/weather/png/16.png
-
images/weather/png/17.png
-
images/weather/png/18.png
-
images/weather/png/19.png
-
images/weather/png/2.png
-
images/weather/png/20.png
-
images/weather/png/21.png
-
images/weather/png/22.png
-
images/weather/png/23.png
-
images/weather/png/24.png
-
images/weather/png/25.png
-
images/weather/png/26.png
-
images/weather/png/27.png
-
images/weather/png/28.png
-
images/weather/png/29.png
-
images/weather/png/3.png
-
images/weather/png/30.png
-
images/weather/png/31.png
-
images/weather/png/32.png
-
images/weather/png/33.png
-
images/weather/png/34.png
-
images/weather/png/35.png
-
images/weather/png/36.png
-
images/weather/png/37.png
-
images/weather/png/38.png
-
images/weather/png/39.png
-
images/weather/png/4.png
-
images/weather/png/40.png
-
images/weather/png/41.png
-
images/weather/png/42.png
-
images/weather/png/43.png
-
images/weather/png/44.png
-
images/weather/png/45.png
-
images/weather/png/46.png
-
images/weather/png/47.png
-
images/weather/png/5.png
-
images/weather/png/6.png
-
images/weather/png/7.png
-
images/weather/png/8.png
-
images/weather/png/9.png
-
images/weather/png/na.png
-
location.xsl
-
magglass.ico
-
manage_bookmarks.html
-
marquee.html
-
marquee_permissions.html
-
messaging.bmp
-
minus.bmp
-
msgbox_bubble.tmpl
-
msgbox_openmsg.tmpl
-
msgboxplugin.dll
f5bf42725c49d4c113e19d01bba98d36
Headers
Imports
Exports
Sections
-
offline.html
-
plus.bmp
-
podcast.bmp
-
podcast.xsl
-
radio.bmp
-
resize.bmp
-
rssfeed.bmp
-
search.xsl
-
skins/radio/gray03/Equalizer1.bmp
-
skins/radio/gray03/Equalizer2.bmp
-
skins/radio/gray03/Equalizer3.bmp
-
skins/radio/gray03/Equalizer4.bmp
-
skins/radio/gray03/Equalizer5.bmp
-
skins/radio/gray03/Equalizer6.bmp
-
skins/radio/gray03/btn_dropdwn_down.bmp
-
skins/radio/gray03/btn_dropdwn_over.bmp
-
skins/radio/gray03/btn_dropdwn_up.bmp
-
skins/radio/gray03/btn_max_down.bmp
-
skins/radio/gray03/btn_max_over.bmp
-
skins/radio/gray03/btn_max_up.bmp
-
skins/radio/gray03/btn_min_down.bmp
-
skins/radio/gray03/btn_min_over.bmp
-
skins/radio/gray03/btn_min_up.bmp
-
skins/radio/gray03/btn_pause_down.bmp
-
skins/radio/gray03/btn_pause_over.bmp
-
skins/radio/gray03/btn_pause_up.bmp
-
skins/radio/gray03/btn_play_down.bmp
-
skins/radio/gray03/btn_play_over.bmp
-
skins/radio/gray03/btn_play_up.bmp
-
skins/radio/gray03/btn_playcntrl_over.bmp
-
skins/radio/gray03/btn_playcntrl_up.bmp
-
skins/radio/gray03/btn_stop_down.bmp
-
skins/radio/gray03/btn_stop_over.bmp
-
skins/radio/gray03/btn_stop_up.bmp
-
skins/radio/gray03/btn_volcntrl_over.bmp
-
skins/radio/gray03/btn_volcntrl_up.bmp
-
skins/radio/gray03/playcntrl_bg.bmp
-
skins/radio/gray03/radio.bmp
-
skins/radio/gray03/radio_mask.bmp
-
skins/radio/gray03/radio_minimalized.bmp
-
skins/radio/gray03/radio_minimalized_mask.bmp
-
skins/radio/gray03/station.bmp
-
skins/radio/gray03/vol_01.bmp
-
skins/radio/gray03/vol_02.bmp
-
skins/radio/gray03/vol_03.bmp
-
skins/radio/gray03/volslide_bg.bmp
-
skins/radio/gray03/volslide_track.bmp
-
star_on.gif
-
update_progress.html
-
version.txt
-
version.xsl
-
weather_bubble.tmpl
-
weatherplugin.dll
36574711ddac880ec666c66830955202
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/gplunger.dll
bb24ab9fddb167f7754f91e378a2b052
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsExec.dll
053c8c5da7b5f6a2513024b82859e1b0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/nsisFirewall.dll
1a4c99175e8891c64634680f4f238d51
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/options.ini
-
$PLUGINSDIR/textreplace.dll
c9b875d3f7604775d782afcb308d92df
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/unicode.dll
05f29a3dc3b7096bfdca7ddbd6b47dd0
Headers
Imports
Exports
Sections
-
ToolbarUpdate.exe
b4785ab5f09590fd79c781ce7cb4fba2
Code Sign
Headers
Imports
Sections
-
Uninst.exe.nsis
-
default.xml
-
icons.bmp
-
images/amazon.bmp
-
images/ebay.bmp
-
images/email.bmp
-
images/email2.bmp
-
images/wikipedia.bmp
-
images/yahoo.bmp
-
localization.xml
-
patch.bat
-
settings
-
ticker.html
-
$TEMPImg/VerControl.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
$TEMPImg/askToolbarInstaller-1.9.1.0.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
b997a221e444f5e6463b28778735cf2b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$TEMPImg/ApnIC.dll
0a90a95f9366c4237127aaf88551ac12
Code Sign
Headers
Imports
Exports
Sections
-
$TEMPImg/ApnStub.exe
86fb79068ef3ff29722239f60c6b67f4
Code Sign
Headers
Imports
Sections
-
$TEMPImg/ApnToolbarInstaller.exe
710deed9ec637659e39599bbee51e458
Code Sign
Headers
Imports
Sections
-
Installer.ico
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$TEMPImg/chk.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
$TEMPImg/ioClean.ini
-
CREDITS.txt
-
Copy of VEMODE.hta
-
DGMPGDec/COPYING.txt
-
DGMPGDec/Changes.txt
-
DGMPGDec/DGDecode.dll
adf02f89cfd29d9adf428c1fa940ac04
Headers
Imports
Exports
Sections
-
DGMPGDec/DGDecodeManual.html
-
DGMPGDec/DGIndex.exe
240e8aac7932ba1247500895b2d1ef5e
Headers
Imports
Sections
-
DGMPGDec/DGIndex.ini
-
DGMPGDec/DGIndexManual.html
-
DGMPGDec/DGVfapi.txt
-
DGMPGDec/DGVfapi.vfp
dc55df82b2689a79a8e07f86d6c0577a
Headers
Imports
Exports
Sections
-
DGMPGDec/QuickStart.html
-
Engine/MediaCellEngine.exe
84fea567b9c0a0768d6274d600db0301
Headers
Imports
Sections
-
Engine/MediaCellInfo.exe
8d9d808640434191a9aa2e5c9a8c6e54
Headers
Imports
Sections
-
License.txt
-
MediaCell.ico
-
MediaCellEngine.log
-
MediaCelliPhoneConverter.exe
198d1766cf9d8a9fb453b39438400b53
Headers
Imports
Sections
-
MediaCelliPhoneConverter.url
-
MediaInfo/MediaInfo.exe
Headers
Sections
-
SSEun.dat
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
Uninstal.exe
aa63262a51ced48e4eb3425d55979426
Headers
Imports
Sections
-
VEMODE.hta
-
VEMODE.htm
-
Vobsub/VSFilter.dll
b76ab1e775224829590499c1569f51df
Headers
Imports
Exports
Sections
-
Vobsub/vobsub.dll
440dd73ebc9dced95efe7c587395f883
Headers
Imports
Exports
Sections
-
apbarSp.infima.exe
c922e147e9f3c3784bdc24731bb4e675
Headers
Imports
Sections
-
ask_already_installed.exe
1266c5786142cd017e385a436ba42c30
Headers
Imports
Sections
-
cat.exe
-
config.xml
-
defaultConfig.xml
-
enc.bat
-
help.chm
-
images/bg_convertor.PNG
-
images/bgrad.png
-
images/convertor/browse.jpg
-
images/convertor/browse_on.jpg
-
images/convertor/close.jpg
-
images/convertor/close_on.jpg
-
images/convertor/enable.jpg
-
images/convertor/enable_on.jpg
-
images/convertor/minimize.jpg
-
images/convertor/minimize_on.jpg
-
images/convertor/psp_BWP_on.jpg
-
images/convertor/psp_BW_on.jpg
-
images/convertor/psp_FWP_on.jpg
-
images/convertor/psp_FW_on.jpg
-
images/convertor/start.jpg
-
images/convertor/start_on.jpg
-
images/convertor/video converter10.png
-
images/enable.PNG
-
images/iphone.PNG
-
images/markin.jpg
-
images/markout.jpg
-
images/next.jpg
-
images/pixel.png
-
images/prev.jpg
-
images/reel.jpg
-
images/start_1.JPG
-
images/start_on.jpg
-
mediainfo.log
-
minfo.log
-
mmshot
-
register_ask.exe
1266c5786142cd017e385a436ba42c30
Headers
Imports
Sections
-
register_no_ask.exe
1266c5786142cd017e385a436ba42c30
Headers
Imports
Sections
-
shutdown.bat
-
sseexec.dat
8f309569d284fc0c6ce47bf15469a7f4
Headers
Imports
Sections
-
success.exe
1266c5786142cd017e385a436ba42c30
Headers
Imports
Sections
-
tools/register.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections
-
tools/register_y.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections
-
vemode.cfg
-
vm.htj
-
vmscreen.jpg