General

  • Target

    8a29ee4ccd2779668d258394c02152ac_JaffaCakes118

  • Size

    9.2MB

  • MD5

    8a29ee4ccd2779668d258394c02152ac

  • SHA1

    ca444de215e92b705d2b4a9d64fafb02fafc09bd

  • SHA256

    91ff99594f87c113f6087359093099cdbbc1fc19b1a03bee9b52ed86a47c2835

  • SHA512

    032a281a5e95adb6f15587f9bcea27a3797bc65759a2605443f561f4dc629346a9750d09b18d00086cc020722bd2c8c515fd25feba2fc17f09024f4c845891e7

  • SSDEEP

    196608:RhV1pMzHQCMFGldOAo49m5ckxDDNLpTgUsPVAaKxj10vK2/X6htH/XT:R3XMzaGw49mL5JpTgdOaMy/XC/D

Score
10/10

Malware Config

Signatures

  • Detects Strela Stealer payload 1 IoCs
  • Strela family
  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • 8a29ee4ccd2779668d258394c02152ac_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/AdvSplash.dll
    .dll windows:4 windows x86 arch:x86

    741b6bafe355b63a372d737b30543a95


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Bass.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/GetVersion.dll
    .dll windows:5 windows x86 arch:x86

    fb1aa2bbc159c94cb45792330366bd5f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSIS_SkinCrafter_Plugin.dll
    .dll windows:4 windows x86 arch:x86

    8a595235c826f2ae0f0362f688723bd0


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/bass.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/dat_bgm.ogg
  • $PLUGINSDIR/dat_skin.skf
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/splash.bmp
  • License Agreement.rtf
    .rtf
  • Plug-In Setup Help.txt
  • Voxengo Primary User Guide en.pdf
    .pdf
  • Voxengo Voxformer User Guide en.pdf
    .pdf
  • Voxformer x64.dll
    .dll windows:4 windows x64 arch:x64

    d90ec07984a25dd7df7892851931cee2


    Headers

    Imports

    Exports

    Sections

  • Voxformer.dll
    .dll windows:4 windows x86 arch:x86

    307a571f4dd9ba578b54560f114609be


    Headers

    Imports

    Exports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • whatsnew.txt