Overview

overview

7

Static

static

7

a1b9e585af...18.exe

windows7-x64

7

a1b9e585af...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Mame32.chm

windows7-x64

1

Mame32.chm

windows10-2004-x64

1

kailleraclient.dll

windows7-x64

7

kailleraclient.dll

windows10-2004-x64

7

mame32k.exe

windows7-x64

7

mame32k.exe

windows10-2004-x64

7

mame32kk.exe

windows7-x64

3

mame32kk.exe

windows10-2004-x64

3

zip32.dll

windows7-x64

3

zip32.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a1b9e585af7592a1f99c4b356a51b8ec_JaffaCakes118

  • Size

    4.7MB

  • MD5

    a1b9e585af7592a1f99c4b356a51b8ec

  • SHA1

    1699fa227bdecceea483fe621071f1e1d1169d4b

  • SHA256

    64f748d54f01779600d2d429d8ccb18611dd2b8e584147a48ec9799a9c513a7a

  • SHA512

    4845cb8878f962783c68253814b3321fd76aac576d5bef6f137beb0984eafb930f8aa33692adc2eeee35349e58252aad611ab1c44b3e7e61c269dc33c50ed51c

  • SSDEEP

    98304:F3qmFeot3HIeNXCY8HsPNpyX8hkSBTGxKx8+grc1Q+E69mU:F3qk3JXCnMPThOxwccMKmU

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

Files

  • a1b9e585af7592a1f99c4b356a51b8ec_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    dd1742eadfc6df18ded3c26ae64ad610


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • MAME32kui.ini
  • Main_dtdj.ini
  • Mame32.chm
    .chm
  • cfg/default.cfg
  • ini/MAME32k.ini
  • join.wav
  • kaillera.txt
  • kailleraclient.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32k
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mame32kk.exe
    .exe windows:5 windows x86 arch:x86

    4dbc5d08df28b8f55d5238d42ee67fa8


    Headers

    Imports

    Sections

  • readme.txt
  • roms/neogeo.zip
    .zip
  • neo-geo.rom
  • ng-lo.rom
  • ng-sfix.rom
  • ng-sm1.rom
  • roms/wb3.zip
    .zip
  • 317-0098.bin
  • ChinaEmu.nfo
  • epr12090.b1
  • epr12091.b2
  • epr12092.b3
  • epr12093.b4
  • epr12094.b5
  • epr12095.b6
  • epr12096.b7
  • epr12097.b8
  • epr12124.a14
  • epr12125.a15
  • epr12126.a16
  • epr12127.a10
  • epr12258.a5
  • epr12259.a7
  • read_me.txt
  • wb3.zip
    .zip
  • 317-0098.bin
  • ChinaEmu.nfo
  • epr12090.b1
  • epr12091.b2
  • epr12092.b3
  • epr12093.b4
  • epr12094.b5
  • epr12095.b6
  • epr12096.b7
  • epr12097.b8
  • epr12124.a14
  • epr12125.a15
  • epr12126.a16
  • epr12127.a10
  • epr12258.a5
  • epr12259.a7
  • read_me.txt
  • zip32.dll
    .dll windows:4 windows x86 arch:x86

    db1e4d25a40dfd2a9f2ff326c81166fe


    Headers

    Imports

    Exports

    Sections