Overview

overview

7

Static

static

3

Ludashi/360Inst.exe

windows7-x64

7

Ludashi/360Inst.exe

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$TEMP/360Inst_$0.exe

windows7-x64

7

$TEMP/360Inst_$0.exe

windows10-2004-x64

7

Ludashi/36...xy.dll

windows7-x64

3

Ludashi/36...xy.dll

windows10-2004-x64

3

Ludashi/360verify.dll

windows7-x64

3

Ludashi/360verify.dll

windows10-2004-x64

3

Ludashi/7Z.dll

windows7-x64

3

Ludashi/7Z.dll

windows10-2004-x64

3

Ludashi/Co...nZ.exe

windows7-x64

7

Ludashi/Co...nZ.exe

windows10-2004-x64

7

Ludashi/ComputerZ.sys

windows7-x64

1

Ludashi/ComputerZ.sys

windows10-2004-x64

1

Ludashi/Co...Z0.dll

windows7-x64

3

Ludashi/Co...Z0.dll

windows10-2004-x64

3

Ludashi/Co...Z1.dll

windows7-x64

3

Ludashi/Co...Z1.dll

windows10-2004-x64

3

Ludashi/Co...Z2.dll

windows7-x64

3

Ludashi/Co...Z2.dll

windows10-2004-x64

3

Ludashi/Co...Z4.dll

windows7-x64

3

Ludashi/Co...Z4.dll

windows10-2004-x64

3

Ludashi/Co...Z5.dll

windows7-x64

3

Ludashi/Co...Z5.dll

windows10-2004-x64

3

Ludashi/Co...Z7.dll

windows7-x64

3

Ludashi/Co...Z7.dll

windows10-2004-x64

3

Ludashi/Co...ce.exe

windows7-x64

7

Ludashi/Co...ce.exe

windows10-2004-x64

7

Ludashi/Co...CN.exe

windows7-x64

7

Ludashi/Co...CN.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    970af945a183e6e249f19cf187a6b28b_JaffaCakes118

  • Size

    8.0MB

  • MD5

    970af945a183e6e249f19cf187a6b28b

  • SHA1

    e2e5f0164ce27d9b8af0c3ef0dd12506a6354410

  • SHA256

    f4ed9af220b5d97a31562b725643f5a4d4d99a44032b73cc582f72265b6975a2

  • SHA512

    0bb699e2769666685b578067de1bf16a2766bad84485fb8f01615cdc42b115c75e1c6fa683677a612c93193111bf975467834593c3b9eeb8c801f30caba608c3

  • SSDEEP

    196608:eTzw6RBciAg69+IAWQ4BSQZRalpiA6tgK/MZP7Kf0F7h37/:sw8cvQMSQnaSgiS00F7R/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • 970af945a183e6e249f19cf187a6b28b_JaffaCakes118
    .rar
  • Ludashi/360Inst.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $TEMP/360Inst_$0.exe
    .exe windows:4 windows x86 arch:x86

    e9b2fea055f70f4e29968990a3e68dfd


    Code Sign

    Headers

    Imports

    Sections

  • Ludashi/360SafeProxy.dll
    .dll windows:4 windows x86 arch:x86

    9d4b5d620c7bf3665677db943e009c15


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ludashi/360verify.dll
    .dll windows:4 windows x86 arch:x86

    ce928fde4597fcf5a0df8d3d7203f05e


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ludashi/7Z.dll
    .dll windows:4 windows x86 arch:x86

    72d1bfee97be4b38dd210f2f3a581d01


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ludashi/ComputerMonZ.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Ludashi/ComputerZ.set
  • Ludashi/ComputerZ.sys
    .sys windows:6 windows x86 arch:x86

    f9b9487f25a2c1e08c02f391387c5323


    Code Sign

    Headers

    Imports

    Sections

  • Ludashi/ComputerZ0.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZ1.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Ludashi/ComputerZ2.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZ4.dll
    .dll windows:5 windows x86 arch:x86

    908e3442a750154739fccfee75b92193


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ludashi/ComputerZ5.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZ7.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZOptions.xml
  • Ludashi/ComputerZService.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Ludashi/ComputerZ_CN.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Ludashi/ComputerZ_HardwareDll.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZ_PowerSaveDll.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/ComputerZ_x64.sys
    .sys windows:6 windows x64 arch:x64

    fffbca93e6322995552b841c7d65b033


    Code Sign

    Headers

    Imports

    Sections

  • Ludashi/D3DX81ab.dll
    .dll windows:4 windows x86 arch:x86

    6560cc932b54f19ad0b6ca4b8d689c9e


    Headers

    Imports

    Exports

    Sections

  • Ludashi/DeviceHelper_x64.exe
    .exe windows:5 windows x64 arch:x64

    44fad628c4b3ac1e0165faa37e32b360


    Headers

    Imports

    Sections

  • Ludashi/Display3D.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • Ludashi/InstallStat.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • Ludashi/Light.png
    .png
  • Ludashi/Log.dat
  • Ludashi/PerformanceTest.dll
    .dll windows:5 windows x86 arch:x86

    e4a3a93f2ef2eef6056412e99de8b1cb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • Ludashi/PowerSaveZ.sys
    .sys windows:6 windows x86 arch:x86

    684675d4939a84a195a701185861898d


    Code Sign

    Headers

    Imports

    Sections

  • Ludashi/PowerSaveZ_x64.sys
    .sys windows:6 windows x64 arch:x64

    0b310dcc6a8972455f0cd63396edfbfd


    Code Sign

    Headers

    Imports

    Sections

  • Ludashi/SchemeLib.dat
  • Ludashi/media/data.zip
    .zip
  • Scene.xml
  • demoback.jpg
    .jpg
  • earth.bmp
  • earth.x
  • earthbump.bmp
  • faerie.md2
  • faerie2.bmp
  • fireball.bmp
  • fontcourier.bmp
  • fonthaettenschweiler.bmp
  • fps.PNG
    .png
  • particlered.bmp
  • particlewhite.bmp
  • pjrock1.jpg
    .jpg
  • polygons.PNG
    .png
  • portal1.bmp
  • portal2.bmp
  • portal3.bmp
  • portal4.bmp
  • portal5.bmp
  • portal6.bmp
  • portal7.bmp
  • rockwall.bmp
  • sky_bk.jpg
    .jpg
  • sky_dn.jpg
    .jpg
  • sky_ft.jpg
    .jpg
  • sky_lf.jpg
    .jpg
  • sky_rt.jpg
    .jpg
  • sky_up.jpg
    .jpg
  • smoke.bmp
  • spheremap.jpg
    .jpg
  • time.PNG
    .png
  • xstepborder5.jpg
    .jpg
  • Ludashi/media/logo.png
    .png
  • Ludashi/media/map-20kdm2.pk3
    .zip
  • levelshots/20kdm2.tga
  • maps/20kdm2.aas
  • maps/20kdm2.bsp
  • models/mapobjects/gratelamp/gratetorch2.jpg
    .jpg
  • models/mapobjects/gratelamp/gratetorch2b.tga
  • models/mapobjects/timlamp/timlamp.tga
  • scripts/20kdm2.arena
  • scripts/common.shader
  • scripts/e7.shader
  • scripts/models.shader
  • scripts/sfx.shader
  • textures/e7/e7beam01.jpg
    .jpg
  • textures/e7/e7beam02_red.jpg
    .jpg
  • textures/e7/e7bigwall.jpg
    .jpg
  • textures/e7/e7bmtrim.jpg
    .jpg
  • textures/e7/e7bmtrim2.jpg
    .jpg
  • textures/e7/e7brickfloor01.jpg
    .jpg
  • textures/e7/e7brnmetal.jpg
    .jpg
  • textures/e7/e7dimfloor.jpg
    .jpg
  • textures/e7/e7panelwood.jpg
    .jpg
  • textures/e7/e7sbrickfloor.jpg
    .jpg
  • textures/e7/e7steptop.jpg
    .jpg
  • textures/e7/e7steptop2.jpg
    .jpg
  • textures/e7/e7swindow.jpg
    .jpg
  • textures/e7/e7walldesign01b.jpg
    .jpg
  • textures/gothic_floor/xstepborder5.jpg
    .jpg
  • textures/gothic_trim/metalblackwave01.jpg
    .jpg
  • textures/liquids/lavahell.jpg
    .jpg
  • textures/sfx/flame1.jpg
    .jpg
  • textures/sfx/flame2.jpg
    .jpg
  • textures/sfx/flame3.jpg
    .jpg
  • textures/sfx/flame4.jpg
    .jpg
  • textures/sfx/flame5.jpg
    .jpg
  • textures/sfx/flame6.jpg
    .jpg
  • textures/sfx/flame7.jpg
    .jpg
  • textures/sfx/flame8.jpg
    .jpg
  • textures/sfx/flameball.jpg
    .jpg
  • textures/stone/pjrock1.jpg
    .jpg
  • Ludashi/update.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections