General

  • Target

    872fbcc049b21d0be11dbec00e5e2be2_JaffaCakes118

  • Size

    7.0MB

  • MD5

    872fbcc049b21d0be11dbec00e5e2be2

  • SHA1

    1f4539c21abbcca234dc31ba6663a6428b06aae9

  • SHA256

    4a8e4f02a422819298e82b7b0ae40998ac10fc3817bec551ee078359b11b1d1c

  • SHA512

    fc41edd4e7da56878ba9982611c4f288c3b723e7bd3bac0ae797dc3a1122f3f7814dc43344dd181f05c8d0bae3c7cd81a8e4c46052a463d4955cb908f15c4354

  • SSDEEP

    98304:FoqZ7bIv7Cc9wQfe+SzTXjc1aAcVRXIPb3TnM4p4f1zXEglo+uoUYo2td22:FsjCcGQG+crjmHCXmb3TMw4fxXHloNal

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (21 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (4 IoCs)

Files

  • 872fbcc049b21d0be11dbec00e5e2be2_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    b78ecf47c0a3e24a6f4af114e2d1f5de


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    610235b90207a63ccf481f0d4375d329


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProc.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/SimpleSC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    8c8a576201f68de1a3f26fc723b9f30f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/port.ini
  • MONyog-v1.mib
  • MONyog-v2c.mib
  • MONyog.lua
  • bin/MONyog.exe
    .exe windows:6 windows x86 arch:x86

    04f1e3bf9ec3cf3d8a67f3c5a92170ef


    Headers

    Imports

    Sections

  • bin/api-ms-win-core-console-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-datetime-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-debug-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-errorhandling-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-file-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-file-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-file-l2-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-handle-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-heap-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-interlocked-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-libraryloader-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-localization-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-memory-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-namedpipe-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-processenvironment-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-processthreads-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-processthreads-l1-1-1.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-profile-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-rtlsupport-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-string-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-synch-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-synch-l1-2-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-sysinfo-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-timezone-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-core-util-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-conio-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-convert-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-environment-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-filesystem-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-heap-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-locale-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-math-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-multibyte-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-private-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-process-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-runtime-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-stdio-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-string-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-time-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/api-ms-win-crt-utility-l1-1-0.dll
    .dll windows:10 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • bin/dialog.dll
    .dll windows:6 windows x86 arch:x86

    eb52b6dd1aeac09290c3b9b4a4680b4b


    Headers

    Imports

    Exports

    Sections

  • bin/js32.dll
    .dll windows:5 windows x86 arch:x86

    965a00aeac82d8cc22fb63ba6ed387e7


    Headers

    Imports

    Exports

    Sections

  • bin/libcurl.dll
    .dll windows:5 windows x86 arch:x86

    32e03806c7d5924d51307c29305bdcdd


    Headers

    Imports

    Exports

    Sections

  • bin/libeay32.dll
    .dll windows:5 windows x86 arch:x86

    bf76bfdbfb2f04df3961cd140f67140b


    Headers

    Imports

    Exports

    Sections

  • bin/libeay32MD.dll
    .dll windows:6 windows x86 arch:x86

    0393974f49968150132aecc98b559b07


    Headers

    Imports

    Exports

    Sections

  • bin/libetpan.dll
    .dll windows:6 windows x86 arch:x86

    ef8791f3399a008cf4ee43ed5334ebc8


    Headers

    Imports

    Exports

    Sections

  • bin/libnspr4.dll
    .dll windows:6 windows x86 arch:x86

    818c932350a9de9bff5d25af310791a9


    Headers

    Imports

    Exports

    Sections

  • bin/libsasl2.dll
    .dll windows:6 windows x86 arch:x86

    95f671a783d759715a3940e5899b1b3d


    Headers

    Imports

    Exports

    Sections

  • bin/msvcp140.dll
    .dll windows:6 windows x86 arch:x86

    7d4a94e128dda6c7a10e11a890bebd9e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/msvcr100.dll
    .dll windows:5 windows x86 arch:x86

    5271d5ce8b44dd47bc92563e27585466


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/msvcr120.dll
    .dll windows:6 windows x86 arch:x86

    aa8d086deb6960b10f8791df466a5610


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/mysql_clear_password.dll
    .dll windows:6 windows x86 arch:x86

    ba3adcc85b06f197405598b2d20a9ad8


    Headers

    Imports

    Exports

    Sections

  • bin/netsnmp.dll
    .dll windows:5 windows x86 arch:x86

    630331b5ce6ca64553e8e4fff02ecc82


    Headers

    Imports

    Exports

    Sections

  • bin/nspr4.dll
    .dll windows:5 windows x86 arch:x86

    08cbe77cb9e107c99f816679904236bc


    Headers

    Imports

    Exports

    Sections

  • bin/ssleay32.dll
    .dll windows:5 windows x86 arch:x86

    2063b55e294c91445f7d7c61361e1f0d


    Headers

    Imports

    Exports

    Sections

  • bin/ssleay32MD.dll
    .dll windows:6 windows x86 arch:x86

    5a79e3369f0b0f2492a5514a9adc2741


    Headers

    Imports

    Exports

    Sections

  • bin/ucrtbase.dll
    .dll windows:10 windows x86 arch:x86

    7a86ba02a97907fb532ad47d5e59b822


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/vcruntime140.dll
    .dll windows:6 windows x86 arch:x86

    b1497ec17e3cfac16846155a7a629324


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • bin/zlib.dll
    .dll windows:6 windows x86 arch:x86

    277cad9f0a04862f9eb1f267b3741c26


    Headers

    Imports

    Exports

    Sections

  • res/Counters.def
    .js
  • res/MONyog.res
  • res/Udo.def
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    b78ecf47c0a3e24a6f4af114e2d1f5de


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/SimpleSC.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections