Overview

overview

7

Static

static

7

MP3 Player...iA.exe

windows7-x64

7

MP3 Player...iA.exe

windows10-2004-x64

7

MP3 Player...iW.exe

windows7-x64

7

MP3 Player...iW.exe

windows10-2004-x64

7

_0200BEB4E...2D.dll

windows7-x64

3

_0200BEB4E...2D.dll

windows10-2004-x64

3

_046F793A9...28.dll

windows7-x64

3

_046F793A9...28.dll

windows10-2004-x64

3

_1B4DC5A2E...9B.dll

windows7-x64

3

_1B4DC5A2E...9B.dll

windows10-2004-x64

3

_2797A4C85...0E.exe

windows7-x64

3

_2797A4C85...0E.exe

windows10-2004-x64

3

_29F1BB284...4.html

windows7-x64

3

_29F1BB284...4.html

windows10-2004-x64

3

_321EC7552...1F.chm

windows7-x64

1

_321EC7552...1F.chm

windows10-2004-x64

1

_342F4B50B...0C.vbs

windows7-x64

1

_342F4B50B...0C.vbs

windows10-2004-x64

1

_45EC43C42...7F.chm

windows7-x64

1

_45EC43C42...7F.chm

windows10-2004-x64

1

_4F6976D35...11.dll

windows7-x64

7

_4F6976D35...11.dll

windows10-2004-x64

7

_5166333B5...B1.dll

windows7-x64

3

_5166333B5...B1.dll

windows10-2004-x64

3

_611736EA8...44.dll

windows7-x64

3

_611736EA8...44.dll

windows10-2004-x64

3

_622725244...21.exe

windows7-x64

3

_622725244...21.exe

windows10-2004-x64

3

_699777575...FD.chm

windows7-x64

1

_699777575...FD.chm

windows10-2004-x64

1

ATTRIB.exe

windows7-x64

ATTRIB.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    8bf420938ebba1948cc4b93d7c75ec37_JaffaCakes118

  • Size

    7.6MB

  • MD5

    8bf420938ebba1948cc4b93d7c75ec37

  • SHA1

    a5d1aec76dfc78b31548a90eab4f832d3cab0c28

  • SHA256

    455359349bb7c799e82e23b1937bdf02dca8de1cf4b214357d480c3180a57460

  • SHA512

    99af344b6b9aa28df3b43b09bf51f48e1bca1081f080cd3fbf74c9440bf0951e6586b7970217bfc81fcd02fa45355290453871eaf7c886f47e6eaf9f65350b74

  • SSDEEP

    196608:dxa4ErfGTqwoZOFyXlIeIC3+/BiDgRFDUZtpY3+ndtFsp9qvugb0+Za9vgY:dRE7AZoUFkII378tU5Yuugg+Za9vgY

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 17 IoCs

    Checks for missing Authenticode signature.

Files

  • 8bf420938ebba1948cc4b93d7c75ec37_JaffaCakes118
    .rar
  • MP3 Player Utilities 3.13/AdfuUpdate.inf
  • MP3 Player Utilities 3.13/Disktool.INI
  • MP3 Player Utilities 3.13/Fwupgrade.INI
  • MP3 Player Utilities 3.13/GenAmvTool.INI
  • MP3 Player Utilities 3.13/InstMsiA.exe
    .exe windows:5 windows x86 arch:x86

    1494de9b53e05fc1f40cb92afbdd6ce4


    Code Sign

    Headers

    Imports

    Sections

  • MP3 Player Utilities 3.13/InstMsiW.exe
    .exe windows:5 windows x86 arch:x86

    1494de9b53e05fc1f40cb92afbdd6ce4


    Code Sign

    Headers

    Imports

    Sections

  • MP3 Player Utilities 3.13/MSI.CAB
    .cab
  • _0200BEB4EFB34AC8AF68134E35F0622D
    .dll windows:5 windows x86 arch:x86

    c6e592e19acd0da69bdcb49a95a6f100


    Headers

    Imports

    Exports

    Sections

  • _035A636C97D3484388108E7A809E4238
  • _046F793A99A0418D88688855C86DB628
    .dll windows:4 windows x86 arch:x86

    a0e4f543c8a56bc720eb38d4ccdb60a6


    Headers

    Imports

    Exports

    Sections

  • _0524EE153EC1492A85DC65896316B60D
  • _07F3B9E2558E4D39A7FBA1F200B517D8
  • _093A8F17A21146508FDCBB4D5142E720
  • _09FBFE4679764F5CB535E81139DB0C05
  • _0ADD2D27C82D465AB60F537564C1C551
  • _0DAA63FA4A02431A86901EA116DB76DB
  • _0E2779D3FB4A4AEB939392930CCCB1FF
  • _12D484C8BC0A4B249ED021503149F735
  • _134F69DA67D44DCFB940A06639D86C48
  • _17551744EA394F279D3E33BC201B0F9D
  • _17FA6909B87A459792704026A6142302
  • _1ABF16D21EFC47F3BEF4A7843D54C47E
  • _1B4DC5A2E06842A2AF67D90F083EA79B
    .dll windows:4 windows x86 arch:x86

    3c75018a31636a38bbbd789f3af2b482


    Headers

    Imports

    Exports

    Sections

  • _1B69C7770AAA431B861DF0D2C2408253
  • _1C5D1C734F4E4420B82A8A4B3E4837B8
  • _1C9560DAB8504757BB7707A9770A25B7
  • _1D47F13C72B94DB69FABEC7F27A22B87
  • _1DEBE9680B714D66AF1C983CE47F8E93
  • _1DF73217BB3C4D82BD9D6D43F230E3F2
  • _20DCE736B188478786B962C8A4BB0373
  • _2416394A192047E9A2076CDC3128B818
  • _2797A4C85C6646FB9F5D7699281AD20E
    .exe windows:5 windows x86 arch:x86

    119233f82752a98520a64b8d5c0cd6db


    Headers

    Imports

    Sections

  • _29F1BB2847B84F499F5F20825A00ABC4
    .html
  • _2BECC5B93D3B4B9C9D7EEC26E4BC8A2C
  • _30115EE29E0C46BAA4B9D0B30C56815D
  • _321EC7552A0C40CE8B1EF6A6D90F7B1F
    .chm
  • _32B6F0D645824716B1034376CE6D368E
  • _342F4B50B83549829607165A617DC40C
    .vbs
  • _452A2C0FA6F94C8BAF6EA35C5122524E
  • _45EC43C422E647589808637DDBA3AE7F
    .chm
  • _4C2379E67BD84E369D70B4C370C34DC1
  • _4DB18B44A6754659B7CFF7ED4D0BDEA8
  • _4E05B9D09B854B7AABA6A6E4DCB1008B
  • _4F6976D3582246DD99FB1B3AECBEB811
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • _4F91902008FD48999FF1F18B292C485A
  • _5166333B561A42EFB427183C9CD5A5B1
    .dll windows:5 windows x86 arch:x86

    c6e592e19acd0da69bdcb49a95a6f100


    Headers

    Imports

    Exports

    Sections

  • _5555361AD78D4C44BAD7B5D2BECB7696
  • _584BD662795742FEAD19D307C3D41D84
  • _5D6AB8A601114BF0994B0D7476CD96D8
  • _600B2382DA8349F897D8A5F592D85A1C
  • _611736EA86604374B59F447AFC14E044
    .dll windows:6 windows x86 arch:x86

    785d5607ed2f18f4ea0be5809350b169


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • _6188A9E5696D48D48B80BFB773C04728
  • _61DDE23ED8C448C1B781341878A2B61F
  • _6227252443C841BF9FFDFF29A9856421
    .exe windows:4 windows x86 arch:x86

    a3722627a3d4a3ccffacf157941f058a


    Headers

    Imports

    Sections

  • _62A5AC9139124233AC7C72243575DEA5
  • _684AA00E7E434BC9B99B93E35E0950CE
  • _6997775750134AEA813C134DE3C379FD
    .chm
  • _699921752B2C4668AEE6D303F1CB64DE
  • _6AC9691B740649DE8589ECAA506BF1C5
  • _6BEDB609C084471DB20FE7B1DFB7E682
    .cab
  • ATTRIB.EXE
  • CHKDSK.EXE
  • DEBUG.EXE
  • EDIT.COM
  • EXT.EXE
  • FORMAT.COM
  • HELP.BAT
  • MSCDEX.EXE
  • RESTART.COM
  • SCANDISK.EXE
  • SCANDISK.INI
  • SYS.COM
  • _6CE6AA415B8F402AAE10CAB5DC1CD95E
    .rtf
  • _6CFA999087FC41AD853A7DE7053A307D
  • _6DC75EE202754F33B5D4209693FA5070
  • _6DD7593687334F61A8C511B5FFF910B8
    .exe windows:4 windows x86 arch:x86

    48c744f34d17a88435d3d2472cf3948a


    Headers

    Imports

    Sections

  • _6EB9C22CA48A4A69B04ABDFBFC299E16
    .dll regsvr32 windows:5 windows x86 arch:x86

    20264582df85180f5b29d7280a7ac0ee


    Headers

    Imports

    Exports

    Sections

  • _72D7D425468E4C2DBB9E5CAB873DD150
  • _7534B7793FC6487496B35434F8329EB6
  • _77564AFCF5924A2986DAFB4E0E15F6A1
  • _79235C8D94104426B0EDE85F0B275A91
  • _7F2FAE9AED3242C08A32BB76CDFD1308
  • _80A9507801104DA4801402A23AE3AFCA
  • _830FBB16324B491892BC47793D2E9DF1
  • _87169FE899974F8B8309D54E3E98E78D
  • _87FF2F49328A43B18F8FF267A22DED93
  • _8FBEFF157FA243439BD821C0D57F9C4B
  • _91DD0277F6794C6597E2DA27B65C4BBC
    .dll windows:5 windows x86 arch:x86

    c6e592e19acd0da69bdcb49a95a6f100


    Headers

    Imports

    Exports

    Sections

  • _956997C529DD4C0B9E456A742E2562E6
  • _9A336AAB0F784F54AA81001B97F7706E
  • _9E770429F5DA41F1A9CB80E0D506EE4D
  • _9FA2DB51C43F455C9D051137D0D552C1
  • _A0338F59FC7B47F6AB375021D253D850
  • _A22746E23E48423C93A6CA030B2DFD36
  • _A40BCB9B90BC41C692ECCE672F8800FD
    .dll windows:4 windows x86 arch:x86

    3c75018a31636a38bbbd789f3af2b482


    Headers

    Imports

    Exports

    Sections

  • _A8B585C0E4C34AA08EE3479AB4BE4A3B
    .exe windows:4 windows x86 arch:x86

    210af8223a8026fd9f8f7994abd1e1cd


    Headers

    Imports

    Sections

  • _B502A3869DE241699D472FF6056D9F1D
  • _B50319BF2A0B4628AFFAE51EF694E65E
  • _B59F092E9E554A0CABAF2B391831FB51
    .chm
  • _B5CA5227B1C24B17A565A4E8176F6601
    .exe windows:4 windows x86 arch:x86

    e7b127b9cbd223cc41edfac1acba0ccf


    Headers

    Imports

    Sections

  • _B5EDDF658AF449BFB3D5BB050CEE3E59
  • _B768BF8414E74223B2E2C4D66DB9C2EC
  • _B99CD51D09D94504A817E6608B0A8989
  • _BBCA55E33AF34A9780F85F92C57DC336
    .dll regsvr32 windows:5 windows x86 arch:x86

    a54f5f32094867d71f38152da5912e90


    Headers

    Imports

    Exports

    Sections

  • _C0498C3A894E4854BDC48C21147B1E1F
  • _C1459FBE1B014E778C17DA7DAE6AB23A
  • _C3A6BD8E09824A1C9C121CE88207BF57
  • _CB282C59CCA34ED48D815DCD09694DC2
  • _CB6A5D40C50646529B3F60A0E43586B9
  • _CB78D0A9870D41619536B7FE933F6132
    .chm
  • _CE7A9B5BF501404EBA5ECE816C430453
    .chm
  • _CE7C6932A18547669769C7D35A91D36A
  • _CED7138B034741FB86D9FCA087F34849
    .chm
  • _D1BA8986E5BA49918A7BA64E5FFFE381
  • _D209C80B522D4784BCA19C16DFAF766C
    .chm
  • _D3EECCCF247C4BDE98AEA72ED9E739BC
  • _D50613FF94484C68B89A4B8590153E73
  • _D58239D3B73C4E308C7B18544325C48C
    .exe windows:4 windows x86 arch:x86

    111ec7d9f34c0d5d668173e26546dcee


    Headers

    Imports

    Sections

  • _DBEA7E91AF834783BD88D628D7964D87
  • _DD8B5F8F0C8541A787B090D5CDFEB0E6
  • _DDD26BA197224AE1A987A8226C769A92
  • _E00EADDA99CD4889B776F9472E76C920
  • _E011B62048134950A461E47BB92ACAE9
  • _E0A18A0B51DD479383FB76F94AFCFE3F
  • _E4B10EDB520348A5AC12B584FB4B7DE5
  • _EBD9BD6D78814B55BFFA7BE84B2D61C5
  • _ECDE4C40AE5040C2B9D6E8605EE7C598
  • _F00B092DF2994A2D84A6D1C6B34A5714
  • _F3F13946532643CC976CCE3A3C6E5636
    .chm
  • _F3F76627EA674E8196AF7A4D855B615A
  • _F755D765941645D98C800867398F2745
  • _FAF9B4CC7D01481595EF34324FB95029
  • _FE5AB69278B644CA9A74A482666D9C76
  • MP3 Player Utilities 3.13/MSIcn.msi
    .msi
  • MP3 Player Utilities 3.13/MSIen.msi
    .msi
  • MP3 Player Utilities 3.13/MSIfr.msi
    .msi
  • MP3 Player Utilities 3.13/MSIge.msi
    .msi
  • MP3 Player Utilities 3.13/MSIit.msi
    .msi
  • MP3 Player Utilities 3.13/MSIjp.msi
    .msi
  • MP3 Player Utilities 3.13/MSIko.msi
    .msi
  • MP3 Player Utilities 3.13/MSIsp.msi
    .msi
  • MP3 Player Utilities 3.13/MSItw.msi
    .msi
  • MP3 Player Utilities 3.13/SoundCon.ini
  • MP3 Player Utilities 3.13/msi.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    604de05252758c509710a903aa11a4c9


    Headers

    Imports

    Exports

    Sections

  • MP3 Player Utilities 3.13/setup.exe
    .exe windows:4 windows x86 arch:x86

    aa6a7d2b19aff1eca050c1b8b8b572ed


    Headers

    Imports

    Sections