Overview

overview

8

Static

static

7

FPC411/FPC.exe

windows7-x64

3

FPC411/FPC.exe

windows10-2004-x64

3

FPC411/Model7.dll

windows7-x64

1

FPC411/Model7.dll

windows10-2004-x64

1

FPC411/Model8.dll

windows7-x64

1

FPC411/Model8.dll

windows10-2004-x64

1

FPC411/Model9.dll

windows7-x64

1

FPC411/Model9.dll

windows10-2004-x64

1

FPC411/Scr.dll

windows7-x64

1

FPC411/Scr.dll

windows10-2004-x64

1

FPC411/ins..._x.exe

windows7-x64

8

FPC411/ins..._x.exe

windows10-2004-x64

8

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Flash9e.dll

windows7-x64

1

Flash9e.dll

windows10-2004-x64

1

FlashUtil9e.exe

windows7-x64

1

FlashUtil9e.exe

windows10-2004-x64

1

FPC411/新...��.url

windows7-x64

1

FPC411/新...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    663177581b2be94f003e5f6aba84248e_JaffaCakes118

  • Size

    4.2MB

  • MD5

    663177581b2be94f003e5f6aba84248e

  • SHA1

    71233f2191416e4933619e75c5db547ab6b53320

  • SHA256

    bca64540a033b12247f730c2afaad55f710c1e5054c297b84ea56e50388079fe

  • SHA512

    6a4470c289576e91c74beab5c7fd3080420bed743246f57af55c47d1be7d6a0456ecf994f726396096c771c2222db65a160fb26c20523d6372b87ca77ea30994

  • SSDEEP

    98304:6chh0hYdLuruK4eb8QXv2YY9s84dW55TuDocfmHf2v:6Sh0uLu/6bF9s8F5TgUf2v

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 663177581b2be94f003e5f6aba84248e_JaffaCakes118
    .rar
  • FPC411/FPC.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • FPC411/Model7.DLL
  • FPC411/Model8.DLL
  • FPC411/Model9.DLL
  • FPC411/Scr.DLL
  • FPC411/install_flash_player_active_x.exe
    .exe windows:4 windows x86 arch:x86

    f14903f539cc8667478f89ca4497258f


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:4 windows x86 arch:x86

    91596216b99c852af6e0fb1fe8192de4


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    48cfa0ea7e353e4a7dd23572da8374ef


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/fpinstall.dll
    .dll windows:4 windows x86 arch:x86

    a0e10fcdc760579839968256f9da949d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    238a16a49edf3ab59e2f8c89449c9af7


    Headers

    Imports

    Exports

    Sections

  • Flash9e.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    4928e0f60d9897638949fa9905b5cdd3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • FlashUtil9e.exe
    .exe windows:4 windows x86 arch:x86

    a9d79d340821ec352051fcf0138d0a55


    Code Sign

    Headers

    Imports

    Sections

  • uninstall_activeX.exe.nsis
  • FPC411/新云软件.url
    .url