exec
isdone
wait
General
-
Target
96c11240f8656c5f175a7f20fb03d679_JaffaCakes118
-
Size
8.3MB
-
MD5
96c11240f8656c5f175a7f20fb03d679
-
SHA1
25e1e0b92bf332edfab201b7cc3081e0f151e387
-
SHA256
d4dd2ca7e0621b00869cfc5f3d8baafa83a450304133a572b0d531a677adfc31
-
SHA512
e1876066fb99fe464547f0bbe35ba2e63eff2c07a89c6be4077f4574230efe81f6a0b477e110fb55ec4e820ac604624c9e9fcfb32359254b01784559861b01e3
-
SSDEEP
196608:4hDiDUy8i8TbAr254tQEOD3YdPlDkpA3yn3MrN1AZ:yGuLQrO4pOTEPlDk6ycxO
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 47 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 9 IoCs
Files
-
96c11240f8656c5f175a7f20fb03d679_JaffaCakes118
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
2dfc6a992d004b736e85c64219a88b4a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
b1cd0d78f652ce5fc63f0879371af012
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/iOClean.ini
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$TEMPImg/Installer.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecDos.dll
2dfc6a992d004b736e85c64219a88b4a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$TEMPImg/AskInstallChecker-1.5.0.0.exe
66c8920bc3035d736f66f927d463ca2b
Code Sign
Headers
Imports
Sections
-
$TEMPImg/FVM.exe
81638d02019c0bfcaaf23a9c69f2f12c
Code Sign
Headers
Imports
Sections
-
$TEMPImg/PazeraToolbar.exe
7fa974366048f9c551ef45714595665e
Code Sign
Headers
Imports
Sections
-
$PLUGINSDIR/CABSetup.dll
5070fa13a62547a5beae58004a204cbb
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InetLoad.dll
24a4a671f5cc294ce3543d18a1e873cd
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/InstallOptions.dll
57354bdeea3dfae6e948101add87501a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ScrollLicense.dll
674bbf1e72dbf6f2664d8aea288261e0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/System.dll
4ec328f99bdd944fc98d8a5cf11f7a62
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/UserInfo.dll
48cfa0ea7e353e4a7dd23572da8374ef
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/dca.ini
-
$PLUGINSDIR/frtb_static_files.cab
-
Helper.dll
34a3df05d2cc08ee3da4457ce628c357
Headers
Imports
Exports
Sections
-
ImageConversion.dll
44781c6895de7935eaa213d8ae356e35
Headers
Imports
Exports
Sections
-
RSSReader_plugin.dll
a654a29e2f99af5247506fac6ee4864b
Headers
Imports
Exports
Sections
-
RadioPlugin.dll
8e37a09dc6394fe8978f45de107c05a9
Headers
Imports
Exports
Sections
-
SearchComponent.dll
6299116dafc34c4ef19d19e43b8d6694
Headers
Imports
Exports
Sections
-
Toolbar.dll
be7add6560b15c5bc3f7a0b1f583a08e
Headers
Imports
Exports
Sections
-
TroubleShooter.exe
7e560e1cf79aa015363d94a640ecdbbb
Headers
Imports
Sections
-
aboutTabs.7.js
-
aboutTabs.8.js
-
audio.bmp
-
banner_container.html
-
blockcursor.cur
-
blocksound.wav
-
bookmark_off.bmp
-
bookmark_on.bmp
-
bookmarksplugin.dll
e563b5e0ac42ca459ba9f51cfd361743
Headers
Imports
Exports
Sections
-
bubble_permissions.html
-
build
-
caching_banner.html
-
chevron.bmp
-
component.xsl
-
efolder.bmp
-
email.bmp
-
email2.bmp
-
emailchecker_plugin.dll
12417e76af468159503b8e5ed44b08c9
Headers
Imports
Exports
Sections
-
facebook.feature
-
fbrss.xsl
-
ff.xsl
-
folder.bmp
-
gedit.exe
a795589b34089fa942ee977fd356efd0
Headers
Imports
Sections
-
iefavelem.bmp
-
images/msgbox/down.gif
-
images/msgbox/hr.bmp
-
images/msgbox/mark.png
-
images/msgbox/mark_do.png
-
images/msgbox/mark_na.png
-
images/msgbox/navbg.bmp
-
images/msgbox/refresh.png
-
images/msgbox/refresh_do.png
-
images/msgbox/refresh_na.png
-
images/msgbox/trash.png
-
images/msgbox/trash_do.png
-
images/msgbox/trash_na.png
-
images/msgbox/unmark.png
-
images/msgbox/unmark_do.png
-
images/msgbox/unmark_na.png
-
images/msgbox/up.gif
-
images/ticker/left.gif
-
images/ticker/right.gif
-
images/weather/0.bmp
-
images/weather/1.bmp
-
images/weather/10.bmp
-
images/weather/11.bmp
-
images/weather/12.bmp
-
images/weather/13.bmp
-
images/weather/14.bmp
-
images/weather/15.bmp
-
images/weather/16.bmp
-
images/weather/17.bmp
-
images/weather/18.bmp
-
images/weather/19.bmp
-
images/weather/2.bmp
-
images/weather/20.bmp
-
images/weather/21.bmp
-
images/weather/22.bmp
-
images/weather/23.bmp
-
images/weather/24.bmp
-
images/weather/25.bmp
-
images/weather/26.bmp
-
images/weather/27.bmp
-
images/weather/28.bmp
-
images/weather/29.bmp
-
images/weather/3.bmp
-
images/weather/30.bmp
-
images/weather/31.bmp
-
images/weather/32.bmp
-
images/weather/33.bmp
-
images/weather/34.bmp
-
images/weather/35.bmp
-
images/weather/36.bmp
-
images/weather/37.bmp
-
images/weather/38.bmp
-
images/weather/39.bmp
-
images/weather/4.bmp
-
images/weather/40.bmp
-
images/weather/41.bmp
-
images/weather/42.bmp
-
images/weather/43.bmp
-
images/weather/44.bmp
-
images/weather/45.bmp
-
images/weather/46.bmp
-
images/weather/47.bmp
-
images/weather/5.bmp
-
images/weather/6.bmp
-
images/weather/7.bmp
-
images/weather/8.bmp
-
images/weather/9.bmp
-
images/weather/hr.bmp
-
images/weather/na.bmp
-
images/weather/png/0.png
-
images/weather/png/1.png
-
images/weather/png/10.png
-
images/weather/png/11.png
-
images/weather/png/12.png
-
images/weather/png/13.png
-
images/weather/png/14.png
-
images/weather/png/15.png
-
images/weather/png/16.png
-
images/weather/png/17.png
-
images/weather/png/18.png
-
images/weather/png/19.png
-
images/weather/png/2.png
-
images/weather/png/20.png
-
images/weather/png/21.png
-
images/weather/png/22.png
-
images/weather/png/23.png
-
images/weather/png/24.png
-
images/weather/png/25.png
-
images/weather/png/26.png
-
images/weather/png/27.png
-
images/weather/png/28.png
-
images/weather/png/29.png
-
images/weather/png/3.png
-
images/weather/png/30.png
-
images/weather/png/31.png
-
images/weather/png/32.png
-
images/weather/png/33.png
-
images/weather/png/34.png
-
images/weather/png/35.png
-
images/weather/png/36.png
-
images/weather/png/37.png
-
images/weather/png/38.png
-
images/weather/png/39.png
-
images/weather/png/4.png
-
images/weather/png/40.png
-
images/weather/png/41.png
-
images/weather/png/42.png
-
images/weather/png/43.png
-
images/weather/png/44.png
-
images/weather/png/45.png
-
images/weather/png/46.png
-
images/weather/png/47.png
-
images/weather/png/5.png
-
images/weather/png/6.png
-
images/weather/png/7.png
-
images/weather/png/8.png
-
images/weather/png/9.png
-
images/weather/png/na.png
-
location.xsl
-
magglass.ico
-
manage_bookmarks.html
-
marquee.html
-
marquee_permissions.html
-
messaging.bmp
-
minus.bmp
-
msgbox_bubble.tmpl
-
msgbox_openmsg.tmpl
-
msgboxplugin.dll
f5bf42725c49d4c113e19d01bba98d36
Headers
Imports
Exports
Sections
-
offline.html
-
plus.bmp
-
podcast.bmp
-
podcast.xsl
-
radio.bmp
-
resize.bmp
-
rssfeed.bmp
-
search.xsl
-
skins/radio/gray03/Equalizer1.bmp
-
skins/radio/gray03/Equalizer2.bmp
-
skins/radio/gray03/Equalizer3.bmp
-
skins/radio/gray03/Equalizer4.bmp
-
skins/radio/gray03/Equalizer5.bmp
-
skins/radio/gray03/Equalizer6.bmp
-
skins/radio/gray03/btn_dropdwn_down.bmp
-
skins/radio/gray03/btn_dropdwn_over.bmp
-
skins/radio/gray03/btn_dropdwn_up.bmp
-
skins/radio/gray03/btn_max_down.bmp
-
skins/radio/gray03/btn_max_over.bmp
-
skins/radio/gray03/btn_max_up.bmp
-
skins/radio/gray03/btn_min_down.bmp
-
skins/radio/gray03/btn_min_over.bmp
-
skins/radio/gray03/btn_min_up.bmp
-
skins/radio/gray03/btn_pause_down.bmp
-
skins/radio/gray03/btn_pause_over.bmp
-
skins/radio/gray03/btn_pause_up.bmp
-
skins/radio/gray03/btn_play_down.bmp
-
skins/radio/gray03/btn_play_over.bmp
-
skins/radio/gray03/btn_play_up.bmp
-
skins/radio/gray03/btn_playcntrl_over.bmp
-
skins/radio/gray03/btn_playcntrl_up.bmp
-
skins/radio/gray03/btn_stop_down.bmp
-
skins/radio/gray03/btn_stop_over.bmp
-
skins/radio/gray03/btn_stop_up.bmp
-
skins/radio/gray03/btn_volcntrl_over.bmp
-
skins/radio/gray03/btn_volcntrl_up.bmp
-
skins/radio/gray03/playcntrl_bg.bmp
-
skins/radio/gray03/radio.bmp
-
skins/radio/gray03/radio_mask.bmp
-
skins/radio/gray03/radio_minimalized.bmp
-
skins/radio/gray03/radio_minimalized_mask.bmp
-
skins/radio/gray03/station.bmp
-
skins/radio/gray03/vol_01.bmp
-
skins/radio/gray03/vol_02.bmp
-
skins/radio/gray03/vol_03.bmp
-
skins/radio/gray03/volslide_bg.bmp
-
skins/radio/gray03/volslide_track.bmp
-
star_on.gif
-
update_progress.html
-
version.txt
-
version.xsl
-
weather_bubble.tmpl
-
weatherplugin.dll
36574711ddac880ec666c66830955202
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/gplunger.dll
bb24ab9fddb167f7754f91e378a2b052
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsExec.dll
053c8c5da7b5f6a2513024b82859e1b0
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/nsisFirewall.dll
1a4c99175e8891c64634680f4f238d51
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/options.ini
-
$PLUGINSDIR/textreplace.dll
c9b875d3f7604775d782afcb308d92df
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/unicode.dll
05f29a3dc3b7096bfdca7ddbd6b47dd0
Headers
Imports
Exports
Sections
-
ToolbarUpdate.exe
b4785ab5f09590fd79c781ce7cb4fba2
Code Sign
Headers
Imports
Sections
-
Uninst.exe.nsis
-
default.xml
-
icons.bmp
-
images/amazon.bmp
-
images/ebay.bmp
-
images/email.bmp
-
images/email2.bmp
-
images/wikipedia.bmp
-
images/yahoo.bmp
-
localization.xml
-
patch.bat
-
settings
-
ticker.html
-
$TEMPImg/VerControl.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
$TEMPImg/askToolbarInstaller-1.9.1.0.exe
206513a2c97fa61166fe9ae13d91d955
Code Sign
Headers
Imports
Sections
-
$TEMPImg/chk.exe
514a9a1e5bae119ec76c5ca238859d46
Headers
Imports
Sections
-
$TEMPImg/vcheck.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
$TEMPImg/ioClean.ini
-
BriskAlbumCreator.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
BriskAlbumCreator.url
-
DeepCyan.ssk
-
Gdi32Lib.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
ICSharpCode.SharpZipLib.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
IrisSkin2.dll
dae02f32a21e03ce65412f6e56942daa
Headers
Imports
Sections
-
Uninst.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/Processes.dll
f5edecae12589e705677a6e272ad0394
Headers
Imports
Exports
Sections
-
Updater.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
Updater.xml
-
VPO-Setup.iss
-
VPO_Viewer.exe
Headers
Sections
-
VirtualPhotoOrganizer.vshost.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
cygwin1.dll
Headers
Exports
Sections
-
images/FINDFILE16.gif
-
images/HTML-export.gif
-
images/Manage-Photos-Details.gif
-
images/Manage-Photos.gif
-
images/NoImage.bmp
-
images/Open-Photo.gif
-
images/Photo-Show-Details.gif
-
images/Slideshow.gif
-
images/Thumbs.db
-
images/activeTitle.bmp
-
images/app.ico
-
images/banner.jpg
-
images/delete.gif
-
images/delete.png
-
images/details.gif
-
images/down.bmp
-
images/html_export.png
-
images/import-photos.gif
-
images/import.png
-
images/inactiveTitle.bmp
-
images/left.bmp
-
images/link-to-website.gif
-
images/new-album.gif
-
images/new_album.png
-
images/next.gif
-
images/open.png
-
images/pause.bmp
-
images/play.bmp
-
images/previous.gif
-
images/print.gif
-
images/print.png
-
images/right.bmp
-
images/rotate-left.gif
-
images/rotate-right.gif
-
images/rotate_left.png
-
images/rotate_right.png
-
images/send-email.gif
-
images/slideshow.png
-
images/stop.bmp
-
images/up.bmp
-
license.txt
-
tools/register.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections
-
tools/register_y.exe
492138ce5716142bee4b8c6ddf19a2c0
Headers
Imports
Sections