General

  • Target

    8931101ec82ec337c379b83fcc7929ca_JaffaCakes118

  • Size

    615KB

  • MD5

    8931101ec82ec337c379b83fcc7929ca

  • SHA1

    f8a33601a23c6131f6b9056cf619271c58a73ee4

  • SHA256

    51bb9f3378965f96fee833bea9384753b79a78ab8fbd7647a1974973294ed2c1

  • SHA512

    3a713add0c4cf8c5f541bbce56771dcca978d930c4e03d5393f70cc1e74a7aae17356e5cf63c7600b9972b413f9223412169c25371db71e4b81d638003c56ec6

  • SSDEEP

    12288:Pz3qeE/DRxsp4ePfib4VhKSVBl1MW4v2jbqhD5B7Y4kZBLcUHXh:PzIDR+zPfib4bKSzMW4vZuwaR

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 16 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • 8931101ec82ec337c379b83fcc7929ca_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0



  • $PLUGINSDIR/Baidubar.bmp
  • $PLUGINSDIR/Base64.dll
    .dll windows:4 windows x86 arch:x86

    1ba6926a1ee4e4cda118768081f528d5



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b



  • $PLUGINSDIR/blowfish.dll
    .dll windows:4 windows x86 arch:x86



  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    3f1149a3053980fe6b461521d2b55a2c



  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/left.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80



  • $PLUGINSDIR/nsRandom.dll
    .dll windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86



  • 77.gif
    .gif
  • 88.gif
    .gif
  • AniBuy3.gif
    .gif
  • EscapeClosePro.exe
    .exe windows:4 windows x86 arch:x86

    0527834e58d0b36c6c65deffcbe13a4e



  • EscapeClosePro.exe.manifest
    .xml
  • buynow.htm
    .html
  • end.exe
    .exe windows:4 windows x86 arch:x86

    3d45924afd2b7f0dd4afe4116d9c0c11



  • esccldll.dll
    .dll windows:4 windows x86 arch:x86

    ba91a83dc9fb94128f89c9d9e9ffdb93



  • exceptions.png
    .png
  • keygen.exe
    .exe windows:4 windows x86 arch:x86



  • msvcr70.dll
    .dll windows:4 windows x86 arch:x86

    1042bb30696d4426da7447f341f51a6e



  • readme.htm
    .html
  • tips.exe
    .exe windows:1 windows x86 arch:x86

    04f0b1a39b75fa14aa3e6e497471e966



  • tips.exe.manifest
    .xml
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0



  • $PLUGINSDIR/modern-header.bmp
  • web.htm
    .html
  • ˵.txt