General

  • Target: 872cb4a12450f02181c44bce23b57720_JaffaCakes118
  • Size: 16.7MB
  • MD5: 872cb4a12450f02181c44bce23b57720
  • SHA1: 3d55cc113bccef0cd2fcbab0877600b79a86a5d9
  • SHA256: a7b31faafd0c3f0f0dbf639f87b417e9a38108c7ee489523eb2fae1df2922027
  • SHA512: 9b3f1b54c7130d3e5435a437af9d0cb6a422908e0399fd27ae2d5d176b0e443f308d6b6609013bf653a0818ede9f9d49309e8ce417522c16a44dde59bfb056b8
  • SSDEEP: 393216:Og/r552RqOnkHNz3eA0yrUmdCPYpfVzsDzQaYHcxJthh/:OK5gqAkkA0sdCPYfVze7JnJ

Score
3/10

Malware Config

Signatures

  • Unsigned PE (35 IoCs)
    Checks for missing Authenticode signature.
  • NSIS installer (2 IoCs)
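The "Unsigned PE" signature above is a structural check: a signed PE carries a WIN_CERTIFICATE blob referenced by the security data directory (index 4), and a file with an empty or dangling entry is flagged. The following is an added example, not the sandbox's own code, that performs the same presence check on a PE image using only the standard library. The two input images are constructed in the block (header-only PE32 files, with a placeholder payload standing in for a real PKCS#7 SignedData); nothing here verifies the signature cryptographically.

```python
"""Structural Authenticode presence check (added example, not sandbox code).

A signed PE has a WIN_CERTIFICATE referenced by IMAGE_DIRECTORY_ENTRY_SECURITY
(data directory index 4). Unlike every other data directory, that entry's
first field is a raw file offset, not an RVA.
"""
import struct

IMAGE_DIRECTORY_ENTRY_SECURITY = 4
PE32_MAGIC, PE32PLUS_MAGIC = 0x10B, 0x20B
WIN_CERT_REVISION_2_0 = 0x0200
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002


def security_directory(pe: bytes):
    """Return (file_offset, size) of the security directory, or None when the
    header has no usable entry. Raises ValueError for non-PE input."""
    if len(pe) < 0x40 or pe[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4                        # IMAGE_FILE_HEADER
    size_of_opt = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20                            # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == PE32_MAGIC:
        nrva_off, dd_off = opt + 92, opt + 96
    elif magic == PE32PLUS_MAGIC:
        nrva_off, dd_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    if struct.unpack_from("<I", pe, nrva_off)[0] <= IMAGE_DIRECTORY_ENTRY_SECURITY:
        return None                            # directory table too short
    entry = dd_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY
    if entry + 8 > opt + size_of_opt:
        return None                            # entry lies outside the header
    offset, size = struct.unpack_from("<II", pe, entry)
    return (offset, size) if offset and size else None


def is_authenticode_signed(pe: bytes) -> bool:
    """True when the PE embeds a WIN_CERTIFICATE of type PKCS_SIGNED_DATA that
    fits inside the file. Presence only: the PKCS#7 signature and certificate
    chain are not verified here (use signtool / Get-AuthenticodeSignature for that)."""
    entry = security_directory(pe)
    if entry is None:
        return False
    offset, size = entry
    if size < 8 or offset + size > len(pe):
        return False                           # truncated or dangling entry
    dw_length, w_revision, w_type = struct.unpack_from("<IHH", pe, offset)
    return (8 <= dw_length <= size
            and w_revision == WIN_CERT_REVISION_2_0
            and w_type == WIN_CERT_TYPE_PKCS_SIGNED_DATA)


# --- constructed test inputs (not real binaries) ---------------------------

def win_certificate(pkcs7: bytes) -> bytes:
    """WIN_CERTIFICATE header + payload, padded to 8 bytes as the spec requires."""
    blob = struct.pack("<IHH", 8 + len(pkcs7), WIN_CERT_REVISION_2_0,
                       WIN_CERT_TYPE_PKCS_SIGNED_DATA) + pkcs7
    return blob + b"\0" * (-len(blob) % 8)


def build_minimal_pe32(cert: bytes = b"") -> bytes:
    """Header-only PE32 image (no sections). If `cert` is non-empty it is
    appended to the file and the security directory points at it."""
    headers_len = 0x40 + 4 + 20 + 224          # DOS header + "PE\0\0" + COFF + PE32 optional header
    dirs = [(0, 0)] * 16
    if cert:
        dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (headers_len, len(cert))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 0, 0, 0, 0, 224, 0x102)  # i386, SizeOfOptionalHeader=224
    opt = (struct.pack("<H", PE32_MAGIC) + b"\0" * 90 + struct.pack("<I", 16)
           + b"".join(struct.pack("<II", off, sz) for off, sz in dirs))
    return dos + b"PE\0\0" + coff + opt + cert


if __name__ == "__main__":
    fake_pkcs7 = b"\x30\x82\x00\x10" + b"A" * 16   # placeholder bytes, not a real SignedData
    print("unsigned:", is_authenticode_signed(build_minimal_pe32()))
    print("signed:  ", is_authenticode_signed(build_minimal_pe32(win_certificate(fake_pkcs7))))
```

For files extracted from an installer, as on this page, run the check on each dropped PE rather than only on the outer package; an NSIS wrapper being unsigned says nothing about the payload, and vice versa.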

Files

  • 872cb4a12450f02181c44bce23b57720_JaffaCakes118
    .exe windows:4 windows x86 arch:x86
    imphash 18bc6fa81e19f21156316b1ae696ed6b
  • $PLUGINSDIR/BtmImg.bmp
  • $PLUGINSDIR/Header.bmp
  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86
    imphash 57354bdeea3dfae6e948101add87501a
  • $PLUGINSDIR/LeftImg.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86
    imphash 4ec328f99bdd944fc98d8a5cf11f7a62
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • BackUpRule/Reg.dat
  • BackUpRule/SystemProcess.dat
  • BackUpRule/SystemWrite.dat
  • BeatTrojanHelperOne.SYS
    .sys windows:4 windows x86 arch:x86
    imphash d1f0406039487e26f077ad2cb3a0e81e
  • BtHelpEight.dll
    .dll windows:4 windows x86 arch:x86
    imphash f58eefc693856451be45512640ff99b6
  • BtHelpFive.dll
    .dll regsvr32 windows:4 windows x86 arch:x86
    imphash 49f2926b1ad999404f938023d15e0818
  • BtHelpFour.dll
    .dll windows:4 windows x86 arch:x86
    imphash 078837e0647c5d4e8f8f6c8a6bc2b175
  • BtHelpOne.dll
    .dll windows:4 windows x86 arch:x86
    imphash 7e80e6b043b7241c73a7d13c948793f5
  • BtHelpSeven.dll
    .dll windows:4 windows x86 arch:x86
    imphash 23bfe16c3384985a7bf274fff6d2cf45
  • BtHelpSix.dll
    .dll windows:4 windows x86 arch:x86
    imphash 8fef6524acfd8f800bc83808bf982dc7
  • BtHelpThree.dll
    .dll windows:4 windows x86 arch:x86
    imphash 4f45d29bc5e4ed87fc0b076154a9fb86
  • BtHelpTwo.dll
    .dll windows:4 windows x86 arch:x86
    imphash eff49c559af768a3700dd022f6aee107
  • BtMonSetting.ini
  • BtRealTimeSetting.exe
    .exe windows:4 windows x86 arch:x86
    imphash a57e9d34a4508a100e9a9674b22081bb
  • BtSetting.ini
  • CommonReg.dll
    .dll windows:4 windows x86 arch:x86
    imphash 851cd8724f9f934d3a332fdf5529ea86
  • EgHelpThree.dll
    .dll windows:4 windows x86 arch:x86
    no imphash (no imports listed)
  • EgHelpTwo.dll
    .dll windows:4 windows x86 arch:x86
    no imphash (no imports listed)
  • EgHelperOne.dll
    .dll windows:4 windows x86 arch:x86
    no imphash (no imports listed)
  • GdiPlus.dll
    .dll windows:5 windows x86 arch:x86
    imphash 7d265bc0350ed04fb2dffec878eb283e
  • HELPER.VXD
  • Help/help.chm
    .chm
  • Lang/English.dat
  • MsamDaemon.exe
    .exe windows:4 windows x86 arch:x86
    imphash f9ad2181b26cba70acc24baf187ddef1
  • MsamForceDel.exe
    .exe windows:4 windows x86 arch:x86
    imphash b217c963051163def08c7529f92d5d52
  • MsamGuard.exe
    .exe windows:4 windows x86 arch:x86
    imphash aaa734bdf233e7b6248c47353f08a15f
  • MsamMain.exe
    .exe windows:4 windows x86 arch:x86
    imphash aaa734bdf233e7b6248c47353f08a15f
  • MsamPwdProtect.exe
    .exe windows:4 windows x86 arch:x86
    imphash db9467c11460f891e822173b3e6908a1
  • MsamRule.exe
    .exe windows:4 windows x86 arch:x86
    imphash 2fc9ade7a185281adb1c25c0549abf18
  • MsamSetting.exe
    .exe windows:4 windows x86 arch:x86
    imphash a57e9d34a4508a100e9a9674b22081bb
  • MsamSvc.exe
    .exe windows:4 windows x86 arch:x86
    imphash d0e80c9050ff3c7aeca66abad8540dba
  • MsamTool.exe
    .exe windows:4 windows x86 arch:x86
    imphash 20da84b5151ef3d9353f150fd1ea3451
  • MsamUpdate.exe
    .exe windows:4 windows x86 arch:x86
    imphash aaa734bdf233e7b6248c47353f08a15f
  • MsamWizard.exe
    .exe windows:4 windows x86 arch:x86
    imphash 96e19c5a152daea9caeb5b05d179fb5a
  • MsnWormKill.EXE
    .exe windows:4 windows x86 arch:x86
    imphash a0ed79130bd069ddbf1445c59bd8e60d
  • Official Site.url
  • Process.dat
  • ProtectApp.dat
  • Purchase Now.url
  • Rule/Reg.dat
  • Rule/SystemProcess.dat
  • Rule/SystemWrite.dat
  • Scan.gif
    .gif
  • Sounds/About.wav
  • Sounds/Close.wav
  • Sounds/FINDTROJAN.WAV
  • Sounds/ListBox.WAV
  • Sounds/Menu.wav
  • Sounds/Unroll.wav
  • Sounds/Warnning.wav
  • Sounds/dfd.wav
  • Sounds/init.WAV
  • Sounds/tab.WAV
  • SystemGuardDelete.dll
    .dll windows:4 windows x86 arch:x86
    imphash 9bea20a23668e9f0e1c7e77c71b554aa
  • SystemGuardHelper.dll
    .dll windows:4 windows x86 arch:x86
    imphash f198d5904b2bc226702b70a4076a6b15
  • Update.ini
  • Virus1.btk
  • Virus1.bts
  • Virus1.dts
  • Virus1.fts
  • Virus1.nts
  • Virus1.rts
  • Virus10.btk
  • Virus101.btk
  • Virus102.btk
  • Virus103.btk
  • Virus104.btk
  • Virus105.btk
  • Virus106.btk
  • Virus107.btk
  • Virus108.btk
  • Virus109.btk
  • Virus11.btk
  • Virus110.btk
  • Virus111.btk
  • Virus112.btk
  • Virus113.btk
  • Virus114.btk
  • Virus115.btk
  • Virus116.btk
  • Virus117.btk
  • Virus118.btk
  • Virus119.btk
  • Virus12.btk
  • Virus120.btk
  • Virus13.btk
  • Virus14.btk
  • Virus15.btk
  • Virus16.btk
  • Virus17.btk
  • Virus18.btk
  • Virus19.btk
  • Virus2.btk
  • Virus2.fts
  • Virus2.nts
  • Virus20.btk
  • Virus21.btk
  • Virus22.btk
  • Virus23.btk
  • Virus24.btk
  • Virus25.btk
  • Virus26.btk
  • Virus27.btk
  • Virus28.btk
  • Virus29.btk
  • Virus3.btk
  • Virus30.btk
  • Virus31.btk
  • Virus32.btk
  • Virus33.btk
  • Virus34.btk
  • Virus35.btk
  • Virus36.btk
  • Virus37.btk
  • Virus38.btk
  • Virus39.btk
  • Virus4.btk
  • Virus40.btk
  • Virus41.btk
  • Virus42.btk
  • Virus43.btk
  • Virus44.btk
  • Virus45.btk
  • Virus46.btk
    .ps1
  • Virus47.btk
  • Virus48.btk
  • Virus49.btk
  • Virus5.btk
  • Virus50.btk
  • Virus51.btk
  • Virus52.btk
  • Virus53.btk
  • Virus54.btk
  • Virus55.btk
  • Virus56.btk
  • Virus57.btk
  • Virus58.btk
  • Virus59.btk
  • Virus6.btk
  • Virus60.btk
  • Virus61.btk
  • Virus62.btk
  • Virus63.btk
  • Virus64.btk
  • Virus65.btk
  • Virus66.btk
  • Virus67.btk
  • Virus68.btk
  • Virus69.btk
  • Virus7.btk
  • Virus70.btk
  • Virus71.btk
  • Virus72.btk
  • Virus76.btk
  • Virus77.btk
  • Virus78.btk
  • Virus79.btk
  • Virus8.btk
  • Virus80.btk
  • Virus81.btk
  • Virus82.btk
  • Virus83.btk
  • Virus84.btk
  • Virus85.btk
  • Virus86.btk
  • Virus87.btk
  • Virus88.btk
  • Virus89.btk
  • Virus9.btk
  • Virus90.btk
  • Virus91.btk
  • Virus97.btk
  • Virus98.btk
  • Virus99.btk
  • psapi.dll
    .dll windows:5 windows x86 arch:x86
    imphash 56c78d77e4cd475b23af92183b7936ad
  • reg.key
  • uninst.exe
    .exe windows:4 windows x86 arch:x86
    imphash 18bc6fa81e19f21156316b1ae696ed6b
  • $PLUGINSDIR/BtmImg.bmp
  • $PLUGINSDIR/Header.bmp
  • $PLUGINSDIR/LeftImg.bmp
  • unrar.dll
    .dll windows:4 windows x86 arch:x86
    imphash 385277c33e14ce37089eb1876b499856
  • virus100.btk
  • virus73.btk
  • virus74.btk
  • virus75.btk
  • virus92.btk
  • virus93.btk
  • virus94.btk
  • virus95.btk
  • virus96.btk
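The 32-hex value shown under each PE in the list above is its import hash (imphash): an MD5 over the normalised import table, not over the file contents. That is why uninst.exe (the NSIS uninstaller stub) carries the same value as the outer installer, why MsamGuard.exe, MsamMain.exe and MsamUpdate.exe share one value and BtRealTimeSetting.exe and MsamSetting.exe another, and why the three EgHelp* DLLs, which list no imports, have none at all. The block below is an added example, not part of the report, reimplementing the normalisation that pefile's get_imphash() applies; ORDINAL_NAMES is a deliberately partial stand-in for pefile's ordinal lookup tables (assumption: only the ws2_32 entries shown are included), and the import lists it is run on are constructed for illustration.

```python
"""Import hash (imphash) normalisation, as pefile.get_imphash() does it.
Added example, not sandbox code. ORDINAL_NAMES is a small subset of pefile's
ordinal tables (assumption), enough to show how by-ordinal imports are named.
"""
import hashlib

# pefile resolves ordinals for ws2_32, wsock32 and oleaut32; partial table here.
ORDINAL_NAMES = {
    "ws2_32": {1: "accept", 2: "bind", 3: "closesocket", 4: "connect", 23: "socket"},
}


def import_string(imports):
    """Build the comma-joined "lib.func" list that gets hashed.

    imports: list of (dll_name, [symbol, ...]) in import-table order, where a
    symbol is a str (import by name) or an int (import by ordinal).
    """
    parts = []
    for dll, symbols in imports:
        lib = dll.lower()
        stem, dot, ext = lib.rpartition(".")
        if dot and ext in ("dll", "ocx", "sys"):
            lib = stem                        # "KERNEL32.DLL" -> "kernel32"
        for sym in symbols:
            if isinstance(sym, int):          # by ordinal: table lookup or "ordN"
                name = ORDINAL_NAMES.get(lib, {}).get(sym, "ord%d" % sym)
            else:
                name = sym
            parts.append("%s.%s" % (lib, name.lower()))
    return ",".join(parts)


def imphash(imports) -> str:
    """MD5 of the normalised import string; empty import table hashes the empty string."""
    return hashlib.md5(import_string(imports).encode()).hexdigest()


if __name__ == "__main__":
    # Constructed: two "files" with different code but the same import table.
    stub_a = [("KERNEL32.DLL", ["GetProcAddress", "LoadLibraryA"]), ("ws2_32.dll", [23, 99])]
    stub_b = [("kernel32.dll", ["getprocaddress", "loadlibrarya"]), ("WS2_32.DLL", [23, 99])]
    print(import_string(stub_a))
    print(imphash(stub_a) == imphash(stub_b))            # same table -> same imphash
    print(imphash(list(reversed(stub_a))) == imphash(stub_a))  # order matters -> False
```

Two files with equal imphash have the same import table in the same order, nothing more; use it to cluster samples or to tie a dropped file back to a known stub, never as evidence that two files are identical.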