General

  • Target

    a2478305c1b7b6ec27f71e0ee1588895_JaffaCakes118

  • Size

    3.0MB

  • MD5

    a2478305c1b7b6ec27f71e0ee1588895

  • SHA1

    fd92d777f4ddb8dd8ee2bfbd55d1a0a69d39b07b

  • SHA256

    6c4ffe6a2e0bba150fbddcc4c7d181753415ae25e18577b020561b7c8f6fe477

  • SHA512

    d5ee497ee3f5497b69fa9c5764b7c4f4fcab4b6bbbb85f468763f7a82fb32c221f8a39a1497aee93c757f7be0ef39531ead2a7339bb6c4d5d25da6c884150e48

  • SSDEEP

    98304:Ck4gyY1nreB41lPyO37TLN1aavvKScI1iBXwJ8:CkXyYpyB43PLvAXU8

Score
7/10
upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • a2478305c1b7b6ec27f71e0ee1588895_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    dae718ca7c0da2949ad685c2d593ec7a

  • "aminstall.dll"
    .dll windows:4 windows x86 arch:x86

    39bf2f9400b25dffe6038f4810921a11

  • "solitaire.exe"
    .exe windows:4 windows x86 arch:x86

    51c4e98e76bd946f81a1a9c26b55ce8b

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3764e6c387ce3c76b39936a24d523dce

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    aebc3107701149edfc563b8db7a789fd

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    445ca064c668ebcb89957d525a8bef23

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    dae718ca7c0da2949ad685c2d593ec7a

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3764e6c387ce3c76b39936a24d523dce

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • data.zip
    .zip
  • cards/deck.bmp
  • cards/deck.spr
  • cards/hint.bmp
  • cards/hint.spr
  • cards/karo.bmp
  • cards/karo.spr
  • cards/kijelol.spr
  • cards/kijelol3.bmp
  • cards/kor.bmp
  • cards/kor.spr
  • cards/pikk.bmp
  • cards/pikk.spr
  • cards/place.bmp
  • cards/place.spr
  • cards/places.bmp
  • cards/shadow.bmp
  • cards/shadow.spr
  • cards/treff.bmp
  • cards/treff.spr
  • cards/value_drop.bmp
  • cards/value_drop.spr
  • credits/credits_over.bmp
  • credits/credits_over.spr
  • credits/credits_tit.bmp
  • credits/credits_tit.spr
  • credits/flair.bmp
  • credits/flair.spr
  • credits/screen1.bmp
  • credits/screen1.spr
  • credits/screen1b.bmp
  • credits/screen1b.spr
  • credits/screen2.bmp
  • credits/screen2.spr
  • credits/screen3.bmp
  • credits/screen3.spr
  • fonts/11pt_tahoma.bmp
  • fonts/11pt_tahoma.dat
  • fonts/11pt_tahoma.fnt
  • fonts/11pt_tahoma.spr
  • fonts/9pt_tahoma.bmp
  • fonts/9pt_tahoma.dat
  • fonts/9pt_tahoma.fnt
  • fonts/9pt_tahoma.spr
  • fonts/arial14pt.bmp
  • fonts/arial14pt.dat
  • fonts/arial14pt.fnt
  • fonts/arial14pt.spr
  • fonts/font1.bmp
  • fonts/font1.dat
  • fonts/font1.fnt
  • fonts/font1.spr
  • fonts/font3.bmp
  • fonts/font3.dat
  • fonts/font3.fnt
  • fonts/font3.spr
  • fonts/font_timer.bmp
  • fonts/font_timer.dat
  • fonts/font_timer.fnt
  • fonts/font_timer.spr
  • games/blind.bmp
  • games/blind.spr
  • games/canfield.bmp
  • games/canfield.spr
  • games/chinese.bmp
  • games/chinese.spr
  • games/east.bmp
  • games/east.spr
  • games/fourteen.bmp
  • games/fourteen.spr
  • games/freecell.bmp
  • games/freecell.spr
  • games/golf.bmp
  • games/golf.spr
  • games/klondike.bmp
  • games/klondike.spr
  • games/pyramid.bmp
  • games/pyramid.spr
  • games/pyramidgolf.bmp
  • games/pyramidgolf.spr
  • gamescreen/clock.bmp
  • gamescreen/clock.spr
  • gamescreen/desk.bmp
  • gamescreen/desk.spr
  • gamescreen/game.def
  • gamescreen/game_deal.bmp
  • gamescreen/game_deal.spr
  • gamescreen/game_exit.bmp
  • gamescreen/game_exit.spr
  • gamescreen/game_hint.bmp
  • gamescreen/game_hint.spr
  • gamescreen/game_music.bmp
  • gamescreen/game_music.spr
  • gamescreen/game_replay.bmp
  • gamescreen/game_replay.spr
  • gamescreen/game_sound.bmp
  • gamescreen/game_sound.spr
  • gamescreen/game_undo.bmp
  • gamescreen/game_undo.spr
  • help/help_over.bmp
  • help/help_over.spr
  • help/help_tit.bmp
  • help/help_tit.spr
  • help/stat_over.bmp
  • help/stat_over.spr
  • mainmenu/g_s_credits.bmp
  • mainmenu/g_s_credits.spr
  • mainmenu/g_s_descr.bmp
  • mainmenu/g_s_descr.spr
  • mainmenu/g_s_exit.bmp
  • mainmenu/g_s_exit.spr
  • mainmenu/g_s_help.bmp
  • mainmenu/g_s_help.spr
  • mainmenu/g_s_menu.bmp
  • mainmenu/g_s_menu.spr
  • mainmenu/g_s_prev.bmp
  • mainmenu/g_s_prev.spr
  • mainmenu/g_s_reset.bmp
  • mainmenu/g_s_reset.spr
  • mainmenu/g_s_screen.bmp
  • mainmenu/g_s_screen.spr
  • mainmenu/g_s_screen1.bmp
  • mainmenu/g_s_screen1.spr
  • mainmenu/g_s_settings.bmp
  • mainmenu/g_s_settings.spr
  • mainmenu/g_s_stat.bmp
  • mainmenu/g_s_stat.spr
  • mainmenu/g_s_stat_old.bmp
  • mainmenu/g_s_table.bmp
  • mainmenu/menu.def
  • mainmenu/menu2.def
  • mainmenu/play1.bmp
  • mainmenu/play1.spr
  • mainmenu/settings_ok.bmp
  • mainmenu/settings_ok.spr
  • mainmenu/stat_reset.bmp
  • mainmenu/stat_reset.spr
  • music/down.xm
  • music/overthere.xm
  • music/solitude.xm
  • rules.def
  • settings/settings_over.bmp
  • settings/settings_over.spr
  • settings/settings_tit.bmp
  • settings/settings_tit.spr
  • sounds/cardhitcard.wav
  • sounds/cardhitwood.wav
  • sounds/cardturn1.wav
  • sounds/cardturn2.wav
  • sounds/cut1.wav
  • sounds/doublecut.wav
  • sounds/quickshuffle1.wav
  • sounds/quickshuffle2.wav
  • sounds/shuffle1.wav
  • sounds/tap1.wav
  • sounds/tap2.wav
  • sounds/win.wav
  • titles/blind_tit.bmp
  • titles/blind_tit.spr
  • titles/canfield_tit.bmp
  • titles/canfield_tit.spr
  • titles/chinese_tit.bmp
  • titles/chinese_tit.spr
  • titles/east_tit.bmp
  • titles/east_tit.spr
  • titles/fourteen_tit.bmp
  • titles/fourteen_tit.spr
  • titles/freecell_tit.bmp
  • titles/freecell_tit.spr
  • titles/golf_tit.bmp
  • titles/golf_tit.spr
  • titles/klondike_tit.bmp
  • titles/klondike_tit.spr
  • titles/pyramid_tit.bmp
  • titles/pyramid_tit.spr
  • titles/pyramidgolf_tit.bmp
  • titles/pyramidgolf_tit.spr
  • ui/ui_check.bmp
  • ui/ui_check.spr
  • ui/ui_radio.bmp
  • ui/ui_radio.spr
  • fmod.dll
    .dll windows:4 windows x86 arch:x86

  • settings.ini
  • stats.bin