Overview

overview

6

Static

static

3

89e1f6e9b7...18.exe

windows7-x64

3

89e1f6e9b7...18.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...se.rtf

windows7-x64

4

$PLUGINSDI...se.rtf

windows10-2004-x64

1

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$TEMP/minibar.exe

windows7-x64

3

$TEMP/minibar.exe

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

$PLUGINSDI...ip.dll

windows7-x64

3

$PLUGINSDI...ip.dll

windows10-2004-x64

3

$PROGRAMFI...gy.dll

windows7-x64

6

$PROGRAMFI...gy.dll

windows10-2004-x64

6

$PROGRAMFI...go.dll

windows7-x64

6

$PROGRAMFI...go.dll

windows10-2004-x64

6

$PROGRAMFI...on.dll

windows7-x64

3

$PROGRAMFI...on.dll

windows10-2004-x64

3

$PROGRAMFI...ton.js

windows7-x64

3

$PROGRAMFI...ton.js

windows10-2004-x64

3

$PROGRAMFI...ton.js

windows7-x64

3

$PROGRAMFI...ton.js

windows10-2004-x64

3

$PROGRAMFI.../ui.js

windows7-x64

3

$PROGRAMFI.../ui.js

windows10-2004-x64

3

$PROGRAMFI...ser.js

windows7-x64

3

$PROGRAMFI...ser.js

windows10-2004-x64

3

$PROGRAMFI...ole.js

windows7-x64

3

$PROGRAMFI...ole.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    89e1f6e9b795cd02158986f8c7f9d43c_JaffaCakes118

  • Size

    520KB

  • MD5

    89e1f6e9b795cd02158986f8c7f9d43c

  • SHA1

    1d536cb12ced40413652ee09aa3c624093375b60

  • SHA256

    7dbbe22946c2437845591d5bcbddcc550a8bb16c8dba01e13e34cd52f3fc7c36

  • SHA512

    c4642fc54955d08a913df567c0efdb6e8a76b1751a7572e9fc8e954fda93960b75859d26180dda6bad0f65760b6e699e71bc3a0fc86bdf47178ccdba8667116d

  • SSDEEP

    12288:6t0LO3PwABt4c/uERQ0PF+4CZR9AYDqHpNJKABZBCnbs3dY:6tSO3PEIuERdMlZR9FDqJNJJBsr

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 89e1f6e9b795cd02158986f8c7f9d43c_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/license.rtf
    .rtf
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • $TEMP/minibar.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    c9fc7f6df8fedf8f8f1f9f820c072664


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsUnzip.dll
    .dll windows:4 windows x86 arch:x86

    f61b492d16b51856da71c9a124fee190


    Headers

    Imports

    Exports

    Sections

  • $PROGRAMFILES/Minibar/Froggy.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    4c7a3f95276f50a76e1adfbc00c7c8b8


    Headers

    Imports

    Exports

    Sections

  • $PROGRAMFILES/Minibar/Kango.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    da4136ca038f62568c9bfdc1c982f44f


    Headers

    Imports

    Exports

    Sections

  • $PROGRAMFILES/Minibar/MinibarButton.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    f010497d0b60dc45a47cc1d5d8151b41


    Headers

    Imports

    Exports

    Sections

  • $PROGRAMFILES/Minibar/config.xml
    .xml
  • $PROGRAMFILES/Minibar/extension_info.json
  • $PROGRAMFILES/Minibar/icons/icon128.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon16.ico
  • $PROGRAMFILES/Minibar/icons/icon19.ico
  • $PROGRAMFILES/Minibar/icons/icon19.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon32.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon48.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/browser_button.js
    .js
  • $PROGRAMFILES/Minibar/kango-ui/commandbar_button.js
    .js
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-middle.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-bottom.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-top.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-middle.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/ui.js
    .js
  • $PROGRAMFILES/Minibar/kango/browser.js
    .js
  • $PROGRAMFILES/Minibar/kango/console.js
  • $PROGRAMFILES/Minibar/kango/event_listener.js
  • $PROGRAMFILES/Minibar/kango/initialize.js
  • $PROGRAMFILES/Minibar/kango/io.js
    .js
  • $PROGRAMFILES/Minibar/kango/json.js
    .js
  • $PROGRAMFILES/Minibar/kango/jsonstorage.js
    .js
  • $PROGRAMFILES/Minibar/kango/kango.js
    .js
  • $PROGRAMFILES/Minibar/kango/lang.js
    .js
  • $PROGRAMFILES/Minibar/kango/md5.js
    .js
  • $PROGRAMFILES/Minibar/kango/messaging.js
    .js
  • $PROGRAMFILES/Minibar/kango/storage.js
    .js
  • $PROGRAMFILES/Minibar/kango/userscript_engine.js
    .js
  • $PROGRAMFILES/Minibar/kango/utils.js
    .js
  • $PROGRAMFILES/Minibar/kango/xhr.js
    .js
  • $PROGRAMFILES/Minibar/minibar/actions.js
    .js
  • $PROGRAMFILES/Minibar/minibar/cachedxhr.js
  • $PROGRAMFILES/Minibar/minibar/config.js
    .js
  • $PROGRAMFILES/Minibar/minibar/config.json
  • $PROGRAMFILES/Minibar/minibar/macros.js
    .js
  • $PROGRAMFILES/Minibar/minibar/minibar.js
    .js
  • chrome_installer.js
    .js
  • common.js
    .js
  • firefox_installer.js
    .js
  • ie_installer.js
    .js
  • install.json
  • minibar.crx
    .zip
  • background.html
  • cached_http_request.js
    .js
  • extension_info.json
  • icons/icon128.png
    .png
  • icons/icon19.png
    .png
  • icons/icon32.png
    .png
  • icons/icon48.png
    .png
  • includes/content.js
  • includes/content_kango.js
    .js
  • includes/content_messaging.js
    .js
  • includes/content_userscript.js
    .js
  • kango-ui/button.js
    .js
  • kango-ui/ui.js
  • kango/browser.js
    .js
  • kango/console.js
  • kango/event_listener.js
  • kango/initialize.js
    .js
  • kango/io.js
    .js
  • kango/jsonstorage.js
    .js
  • kango/kango.js
    .js
  • kango/lang.js
    .js
  • kango/messaging.js
    .js
  • kango/userscript_engine.js
    .js
  • kango/xhr.js
    .js
  • main.js
    .js
  • manifest.json
  • minibar/actions.js
    .js
  • minibar/cachedxhr.js
  • minibar/config.js
    .js
  • minibar/macros.js
    .js
  • minibar/minibar.js
    .js
  • popup.html
  • popup.js
    .js
  • tab.html
  • tab.js
    .js
  • minibar.xpi
    .zip .js polyglot
  • chrome.manifest
  • chrome/content/cached_http_request.js
    .js
  • chrome/content/content.xul
  • chrome/content/extension_info.json
  • chrome/content/icons/icon128.png
    .png
  • chrome/content/icons/icon19.png
    .png
  • chrome/content/icons/icon32.png
    .png
  • chrome/content/icons/icon48.png
    .png
  • chrome/content/kango-ui/button.js
    .js
  • chrome/content/kango-ui/popup.js
    .js
  • chrome/content/kango-ui/popup_window.js
    .js
  • chrome/content/kango-ui/popup_window.xul
  • chrome/content/kango-ui/theme/bubble/bottom-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/bottom-middle.png
    .png
  • chrome/content/kango-ui/theme/bubble/bottom-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/middle-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/middle-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/style.css
  • chrome/content/kango-ui/theme/bubble/tail-bottom.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-top.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-middle.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-right.png
    .png
  • chrome/content/kango-ui/ui.js
  • chrome/content/kango/browser.js
    .js
  • chrome/content/kango/console.js
  • chrome/content/kango/event_listener.js
  • chrome/content/kango/initialize.js
    .js
  • chrome/content/kango/io.js
    .js
  • chrome/content/kango/jsonstorage.js
    .js
  • chrome/content/kango/kango.js
    .js
  • chrome/content/kango/lang.js
    .js
  • chrome/content/kango/messaging.js
    .js
  • chrome/content/kango/storage.js
    .js
  • chrome/content/kango/uninstall_observer.js
    .js
  • chrome/content/kango/userscript_engine.js
    .js
  • chrome/content/kango/xhr.js
    .js
  • chrome/content/main.js
    .js
  • chrome/content/minibar/actions.js
    .js
  • chrome/content/minibar/cachedxhr.js
  • chrome/content/minibar/config.js
    .js
  • chrome/content/minibar/config.json
  • chrome/content/minibar/homepage_helper.js
    .js
  • chrome/content/minibar/macros.js
    .js
  • chrome/content/minibar/minibar.js
    .js
  • chrome/content/minibar/search_helper.js
    .js
  • chrome/content/minibar/search_hook.js
    .js
  • chrome/content/minibar/tabpage_helper.js
    .js
  • install.rdf
  • sqlite3.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections