Overview

overview

7

Static

static

3

8d7556dfcb...18.exe

windows7-x64

7

8d7556dfcb...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

bin/dll/girc.dll

windows7-x64

3

bin/dll/girc.dll

windows10-2004-x64

3

bin/grc/gamersirc.js

windows7-x64

3

bin/grc/gamersirc.js

windows10-2004-x64

3

bin/grc/startup.js

windows7-x64

3

bin/grc/startup.js

windows10-2004-x64

3

bin/ini/aliases.js

windows7-x64

3

bin/ini/aliases.js

windows10-2004-x64

3

bin/kte/Ca...mts.js

windows7-x64

3

bin/kte/Ca...mts.js

windows10-2004-x64

3

bin/kte/Kte-Dyn.js

windows7-x64

3

bin/kte/Kte-Dyn.js

windows10-2004-x64

3

bin/kte/kte.js

windows7-x64

3

bin/kte/kte.js

windows10-2004-x64

3

ircintro.chm

windows7-x64

1

ircintro.chm

windows10-2004-x64

1

media/link.url

windows7-x64

6

media/link.url

windows10-2004-x64

3

mirc.chm

windows7-x64

1

mirc.chm

windows10-2004-x64

1

mirc.exe

windows7-x64

3

mirc.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    8d7556dfcb97f6940fd8426698eabd68_JaffaCakes118

  • Size

    2.0MB

  • MD5

    8d7556dfcb97f6940fd8426698eabd68

  • SHA1

    0c14e3235dd7435b2785d117333caaf8123e3c58

  • SHA256

    b5bc6bd8560d92507d03ce8d1e475cef46c70512be131338b28b8bbda20fa4a3

  • SHA512

    296ccc662e54442af9abdd0a93a8c8f4eb1e24488e21442f33f52f729e0aa712189923be2df31badb37e1349b5d4d48f02ad78a320d0db2194e0098f51a19ca1

  • SSDEEP

    49152:JN6PbG3T/5Bcr905YXBQitfdJOmpEfuDIscurC:OPbdvXBHmmW48ue

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 8d7556dfcb97f6940fd8426698eabd68_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    97318da386948415d08cef4a9006d669


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    946eb0a1e85c9ade4acaf634eb5a64f1


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • bin/dll/girc.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • bin/grc/gamersirc.grc
    .js
  • bin/grc/startup.grc
    .js
  • bin/ini/aliases.ini
    .js
  • bin/ini/on_input.ini
  • bin/ini/popups.ini
  • bin/ini/serverbrowser.ini
  • bin/kte/Cache/GreyWorld.mts.png
    .png
  • bin/kte/Cache/Kte-Dyn-GreyWorld.mts.mrc
    .js
  • bin/kte/Kte-Data.dat
  • bin/kte/Kte-Dyn.mrc
    .js
  • bin/kte/Kte-Restore.dat
  • bin/kte/Kte-Theme.dat
  • bin/kte/kte.mrc
    .js
  • bin/lng/1031.lng
  • bin/lng/1033.lng
  • bin/lng/2057.lng
  • bin/txt/file.txt
  • ircintro.chm
    .chm
  • media/abouteng.txt
  • media/aboutger.txt
  • media/faqeng.txt
  • media/faqger.txt
  • media/gfx/mirc-perform.png
    .png
  • media/gfx/tools/pug.jpg
    .jpg
  • media/gfx/tools/serverbrowser.jpg
    .jpg
  • media/gfx/tools/vote.jpg
    .jpg
  • media/gnufdl.txt
  • media/license.txt
  • media/link.url
    .url
  • media/opensourceeng.txt
  • media/opensourceger.txt
  • media/sfx/alarm.mp3
  • media/sfx/connect.mp3
  • media/sfx/dccsend.mp3
  • media/sfx/email.mp3
  • media/sfx/query.mp3
  • media/vhistoryeng.txt
  • media/vhistoryger.txt
  • mirc.chm
    .chm
  • mirc.exe
    .exe windows:4 windows x86 arch:x86

    de55fa1ab0caa472144890b013b70d9a


    Headers

    Imports

    Sections

  • readme.txt
  • themes/greyworld/GreyWorld.mrc
  • themes/greyworld/GreyWorld.mts
  • themes/greyworld/readme.txt
  • themes/greyworld/start.png
    .png
  • versions.txt