General

  • Target

    9683156898228dcacf567ec2caa79a49_JaffaCakes118

  • Size

    455KB

  • MD5

    9683156898228dcacf567ec2caa79a49

  • SHA1

    d2f52d899478c8f3694a430dd825351b35460bdd

  • SHA256

    0887837a2ea39a5d890a06f70453393e64f28825f7928f1192e7c85ff3496d8a

  • SHA512

    845cb3c5f0d56c4c11eafcbf023bccab7fe829dc37ee5f04049ca609e8cb7b78172cff98403ee3025cf19009810a4cdd081d92683c3dd878d96588178b59ced1

  • SSDEEP

    6144:thhGzE8IMzhQibDmbzJ24Whl0YgQ9MP3q53E4KMI+rs/Sw1Qp1t2pYA0ZhZiSzHg:pE9XQCDQYbh3gIWMjKMIIszrvx38m/D

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 9683156898228dcacf567ec2caa79a49_JaffaCakes118
    .rar
  • IPAddressShield-v4.691/ipas_setup_4.6.051.2.exe
    .exe windows:4 windows x86 arch:x86

    1cf4252ebbb4f173d97a6ef4f79a60b5



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    922b855d216a21490e4bcbf6c29b7f7d



  • $PLUGINSDIR/RegSvr33.dll
    .dll windows:4 windows x86 arch:x86

    d54c71d0c2ca3898106c9dc5b596b18d



  • FeedbackInfo.exe
    .exe windows:4 windows x86 arch:x86

    f94371a370c7028ca9ecf027321703ab



  • ProxyNew.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    450467e02ac1b3007b769ca751164f30



  • ipas.exe
    .exe windows:4 windows x86 arch:x86

    4656cb7f3abc7cb098e48ddefa0248e1



  • ipas.exe.manifest
    .xml
  • lang_de.dll
    .dll windows:4 windows x86 arch:x86

    90fb0d3b9147b78e7ee69fa48ce244a0



  • shfolder.dll
    .dll windows:5 windows x86 arch:x86

    a8568b57714f17bea2cb443650a1c951



  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    1cf4252ebbb4f173d97a6ef4f79a60b5



  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    922b855d216a21490e4bcbf6c29b7f7d



  • $PLUGINSDIR/RegSvr33.dll
    .dll windows:4 windows x86 arch:x86

    d54c71d0c2ca3898106c9dc5b596b18d



  • IPAddressShield-v4.691/新云软件.url
    .url