General

  • Target

    949a20402c22a860d681b0b447244ec0_JaffaCakes118

  • Size

    4.9MB

  • MD5

    949a20402c22a860d681b0b447244ec0

  • SHA1

    e960091d203c84c6034c14a6146f8f4bb638b11a

  • SHA256

    ce6e10bb0af83ed061b41860c0277ff42dc90d6982dd8c17c57cf81da1eef054

  • SHA512

    2cd9f937348098b5499ceb2f49011b5f75573b5a2c5b0678401476d1ec397b586c484cff6b1d4172026315fad910201dbe4dfb2f0dcc9bf2683f9ce980b729ca

  • SSDEEP

    98304:hExiJO7BEjStX1Or3cfMXckzSTBgHGkuP1RK3cPsv750TLL34WLK0/Zcb:bUSSkcQkBgm17K8sQRs

Score
7/10

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • UPX packed file 12 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 69 IoCs

    Checks for missing Authenticode signature.

Files

  • 949a20402c22a860d681b0b447244ec0_JaffaCakes118
    .rar
  • English.ini
  • UniExtract.exe
    .exe windows:5 windows x86 arch:x86


  • out.upx
    .exe windows:5 windows x86 arch:x86


  • UniExtract.ini
  • bin/7z.dll
    .dll windows:4 windows x86 arch:x86

    25bcc7010e8e7f0e059da50586853709


  • bin/7z.exe
    .exe windows:4 windows x86 arch:x86

    2efb558b40291d5b63f14a2b16bcaf76


  • bin/AspackDie.exe
    .exe windows:4 windows x86 arch:x86

    c4a0ba5350bba0f80b80c937eb70b07c


  • bin/BOOZ.EXE
  • bin/EXTRACT.EXE
    .exe windows:4 windows x86 arch:x86

    8e25b5eb3246f3f49ae2691af0c048a9


  • bin/E_WISE.INI
  • bin/E_WISE_W.EXE
    .exe windows:1 windows x86 arch:x86


  • bin/Expander.exe
    .exe windows:4 windows x86 arch:x86

    149672c6b7e3cee5060e2868883da0b5


  • bin/ForceLibrary.dll
    .dll windows:4 windows x86 arch:x86

    a4b17a2c1fbe7a4e16fb12434360bf6e


  • bin/InstExpl.dll
    .dll windows:4 windows x86 arch:x86

    49006c372baa291c7124b23ff015e1bb


  • bin/InstExpl.wcx
    .dll windows:4 windows x86 arch:x86

    d18e927d0522269f48a0030892f0e2fd


  • bin/IsXunpack.exe
    .exe windows:4 windows x86 arch:x86


  • bin/MHTUnp.wcx
    .dll windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • bin/MsiX.exe
    .exe windows:4 windows x86 arch:x86

    6ada62842798b146d2ed8d4cb232c736


  • bin/NBHextract.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bin/PDunSIS.wcx
    .dll windows:4 windows x86 arch:x86

    dd3ac4fc2159218e37bfee3412478043


  • bin/PEiD.exe
    .exe windows:5 windows x86 arch:x86


  • bin/RAIU.EXE
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bin/STIX_D.EXE
  • bin/TrIDDefs.TRD
  • bin/UHARC02.EXE
  • bin/UHARC04.EXE
    .exe windows:1 windows x86 arch:x86


  • bin/UNUHARC06.EXE
    .exe windows:1 windows x86 arch:x86


  • out.upx
    .exe windows:1 windows x86 arch:x86


  • bin/UnRAR.exe
    .exe windows:5 windows x86 arch:x86

    a0a0cfdcead0140c903c4313c1428b71


  • bin/Unp/Bzip2_1.unp
    .dll windows:4 windows x86 arch:x86

    9c4c946753c3105cbb58b9f35b7e36e3


  • bin/Unp/Bzip2_2.unp
    .dll windows:4 windows x86 arch:x86

    bb9ccb42f2152b54777e7cff13727f94


  • bin/Unp/Bzip2_3.unp
    .dll windows:4 windows x86 arch:x86

    8da9853cfbb39e39358d2b617708bf8d


  • bin/Unp/Eschalon.unp
    .dll windows:4 windows x86 arch:x86

    c9d12c83bfcefaa410b1cbfafbcfbe01


  • bin/Unp/Gentee.unp
    .dll windows:4 windows x86 arch:x86

    5ea4f064a8e8e09f2701bd1588542066


  • bin/Unp/inflate1.unp
    .dll windows:4 windows x86 arch:x86

    ee64fcf3205c7cd220462688b7353db3


  • bin/Unp/inflate2.unp
    .dll windows:4 windows x86 arch:x86

    a9eef135b3b4db2727cdcdf25a367c5c


  • bin/Unp/inflate3.unp
    .dll windows:4 windows x86 arch:x86

    9c4c946753c3105cbb58b9f35b7e36e3


  • bin/Unp/lzma.unp
    .dll windows:4 windows x86 arch:x86

    cda42b60e4c0185bc42b5ef04bf85d83


  • bin/Unp/pkware.unp
    .dll windows:4 windows x86 arch:x86

    d5ecb509eeebf85cf04eeb8984b860fe


  • bin/Unp/vise.unp
    .dll windows:4 windows x86 arch:x86

    b9459c04009759fb917b03db5482230f


  • bin/WDOSXLE.EXE
  • bin/WUN.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bin/ZD50149.DLL
    .dll windows:4 windows x86 arch:x86

    f1e0ff5b3f67bbad880b9006a19aac7d


  • bin/ZD51145.DLL
    .dll windows:4 windows x86 arch:x86

    b77ef621489962c68348d38648714d72


  • bin/ZD55131.DLL
    .dll windows:4 windows x86 arch:x86

    b77ef621489962c68348d38648714d72


  • bin/arc.exe
    .exe windows:4 windows x86 arch:x86

    dac148333d91c67899ec674d0f010d17


  • bin/arj.exe
    .exe windows:1 windows x86 arch:x86

    db336962209f1fc8135f0202fbec7c9f


  • bin/bin2iso.exe
    .exe windows:4 windows x86 arch:x86

    8363ea299a07e22f8ca0630a157c9e6f


  • bin/cdirip.exe
    .exe windows:4 windows x86 arch:x86

    5e0a22e0ec21657fb7d93ecd2bc98ab0


  • bin/clit.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bin/cmdTotal.exe
    .exe windows:4 windows x86 arch:x86

    25314ad3df7d809bf665351c4ea1e87d


  • bin/dbxplug.wcx
    .dll .url windows:4 windows x86 arch:x86 polyglot

    dd3b0d1c910d43f94948502487dc9ec3


  • bin/extractMHT.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • bin/helpdeco.exe
    .exe windows:4 windows x86 arch:x86

    0949cbb65c5c034f7130cc04fbfe8c07


  • bin/i3comp.exe
    .exe windows:1 windows x86 arch:x86

    99219381f57314b3d83442518dfb07bc


  • bin/i5comp.exe
    .exe windows:4 windows x86 arch:x86

    d53a328f49ecad33e823b575f068f9b4


  • bin/i6comp.exe
    .exe windows:4 windows x86 arch:x86

    0e81a70eb44eb932f3911c333bc971c5


  • bin/innounp.exe
    .exe windows:4 windows x86 arch:x86


  • bin/kgb_arch_decompress.exe
    .exe windows:4 windows x86 arch:x86

    0cf90dc077ffa7c701f27307c34fb5ab


  • bin/lzop.exe
    .exe windows:4 windows x86 arch:x86


  • bin/msi.wcx
    .dll windows:5 windows x86 arch:x86

    a574b52f87a06e75f3cf4a2521eee742


  • bin/nrg2iso.exe
    .exe windows:4 windows x86 arch:x86

    e553909c25b1cc0a88a3b9f14734a632


  • bin/pea.exe
    .exe windows:4 windows x86 arch:x86


  • bin/stuffit5.engine-5.1.dll
    .dll windows:4 windows x86 arch:x86

    c05149d533526c93a4fab2590bc87aae


  • bin/tee.exe
    .exe windows:4 windows x86 arch:x86

    154a3e3be799e1bcabf04dac8419cf6f


  • bin/trid.exe
    .exe windows:4 windows x86 arch:x86


  • bin/unlzx.exe
    .exe windows:1 windows x86 arch:x86

    66bb7f006e55749bc36d015ed5499f40


  • bin/unzip.exe
    .exe windows:4 windows x86 arch:x86

    a748a7b40b99ec291d54c001001fb23e


  • bin/upx.exe
    .exe windows:4 windows x86 arch:x86


  • bin/userdb.txt
  • bin/uudeview.exe
    .exe windows:4 windows x86 arch:x86

    4f171d0c2114e195f969ae3fa6e269a9


  • bin/xace.exe
    .exe windows:1 windows x86 arch:x86


  • docs/7zip_license.txt
  • docs/7zip_readme.txt
  • docs/7zip_url.txt
  • docs/Expander_license.txt
  • docs/Expander_url.txt
  • docs/arc_license.txt
  • docs/arc_readme.txt
  • docs/arc_url.txt
  • docs/arj_license.txt
  • docs/arj_readme.txt
  • docs/arj_url.txt
  • docs/aspackdie_readme.txt
  • docs/aspackdie_url.txt
  • docs/bin2iso_readme.txt
  • docs/bin2iso_url.txt
  • docs/booz_readme.doc
  • docs/booz_url.txt
  • docs/cdirip_readme.txt
  • docs/cdrip_url.txt
  • docs/cmdTotal_readme.txt
  • docs/cmdTotal_url.txt
  • docs/convertlit_readme.txt
  • docs/convertlit_url.txt
  • docs/dbxplug_url.txt
  • docs/ewise_author.txt
  • docs/ewise_readme.txt
  • docs/ewise_url.txt
  • docs/extractMHT_license.txt
  • docs/extractMHT_url.txt
  • docs/extract_license.txt
  • docs/extract_url.txt
  • docs/helpdeco_license.txt
  • docs/helpdeco_readme.txt
  • docs/helpdeco_url.txt
  • docs/hwun_readme.txt
  • docs/hwun_url.txt
  • docs/i3comp_readme.txt
  • docs/i5comp_readme.txt
  • docs/i5comp_url.txt
  • docs/i6comp_readme.txt
  • docs/i6comp_url.txt
  • docs/innounp_license.txt
  • docs/innounp_readme.htm
    .html
  • docs/innounp_url.txt
  • docs/installexplorer_readme_en.txt
  • docs/installexplorer_url.txt
  • docs/isxunpack_readme.txt
  • docs/isxunpack_url.txt
  • docs/kgb_readme_en.htm
    .html
  • docs/kgb_url.txt
  • docs/lzma_license.txt
  • docs/lzma_readme.txt
  • docs/lzma_url.txt
  • docs/lzop_license.txt
  • docs/lzop_readme.txt
    .vbs
  • docs/lzop_url.txt
  • docs/mhtunp_readme.txt
  • docs/mhtunp_url.txt
  • docs/msi_readme.txt
  • docs/msi_url.txt
  • docs/msix_url.txt
  • docs/nbgextract_url.txt
  • docs/nrg2iso_license.txt
  • docs/nrg2iso_url.txt
  • docs/pdunsis_readme.txt
  • docs/pdunsis_url.txt
  • docs/pea_readme.txt
  • docs/pea_url.txt
  • docs/peid_readme.txt
  • docs/peid_url.txt
  • docs/stix_readme.txt
  • docs/stix_url.txt
  • docs/tee_license.txt
  • docs/tee_url.txt
  • docs/trid_readme_e.txt
  • docs/trid_url.txt
  • docs/uharc_license.doc
  • docs/uharc_readme.doc
  • docs/uharc_url.txt
  • docs/unlzx_readme.txt
  • docs/unlzx_url.txt
  • docs/unrar_license.txt
  • docs/unrar_url.txt
  • docs/unzip_license.txt
  • docs/unzip_man.txt
    .vbs
  • docs/unzip_readme.txt
  • docs/unzip_url.txt
  • docs/upx_license.txt
  • docs/upx_readme.txt
  • docs/upx_url.txt
  • docs/uudeview_license.txt
  • docs/uudeview_url.txt
  • docs/xace_license.txt
  • docs/xace_url.txt
  • lang/Arabic.ini
  • lang/Armenian.ini
  • lang/Bulgarian.ini
  • lang/Chinese (Simplified).ini
  • lang/Chinese (Traditional).ini
  • lang/Croatian.ini
  • lang/Czech.ini
  • lang/Dutch.ini
  • lang/Finnish.ini
  • lang/French.ini
  • lang/German.ini
  • lang/Greek.ini
  • lang/Hungarian.ini
  • lang/Italian.ini
  • lang/Japanese.ini
  • lang/Korean.ini
  • lang/Persian (Farsi).ini
  • lang/Polish.ini
  • lang/Portuguese (Brazilian).ini
  • lang/Portuguese.ini
  • lang/Romanian.ini
  • lang/Russian.ini
  • lang/Serbian.ini
  • lang/Slovak.ini
  • lang/Spanish.ini
  • lang/Swedish.ini
  • lang/Taiwanese.ini
  • lang/Thai.ini
  • lang/Turkish.ini
  • lang/Ukrainian.ini
  • lang/Valencian (Catalan).ini
  • lang/Vietnamese.ini
  • uniextract_changelog.txt
  • uniextract_license.txt