Overview

overview

8

Static

static

7

FPC.exe

windows7-x64

3

FPC.exe

windows10-2004-x64

3

Model10.dll

windows7-x64

1

Model10.dll

windows10-2004-x64

1

Model7.dll

windows7-x64

1

Model7.dll

windows10-2004-x64

1

Model8.dll

windows7-x64

1

Model8.dll

windows10-2004-x64

1

Model9.dll

windows7-x64

1

Model9.dll

windows10-2004-x64

1

Scr.dll

windows7-x64

1

Scr.dll

windows10-2004-x64

1

install_fl..._x.exe

windows7-x64

8

install_fl..._x.exe

windows10-2004-x64

8

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

$TEMP/Flas...0c.exe

windows7-x64

3

$TEMP/Flas...0c.exe

windows10-2004-x64

3

Flash10c.dll

windows7-x64

3

Flash10c.dll

windows10-2004-x64

3

FlashUtil10c.exe

windows7-x64

3

FlashUtil10c.exe

windows10-2004-x64

3

新云软件.url

windows7-x64

1

新云软件.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    a8eb9c1800f358ef80a0152e3118b7c7_JaffaCakes118

  • Size

    7.2MB

  • MD5

    a8eb9c1800f358ef80a0152e3118b7c7

  • SHA1

    2927eaa4572b8147f025e0c96f95f05c5c84a337

  • SHA256

    c9ffbaffaf2581a08bdd01d5b99cb62f3072d7c00d598fb1f414308328a07690

  • SHA512

    5b14dd35d72095c0c9f049c1f719049285cae4e843122f0d324ac3e91889663e34669fb228a0dc9ed7aa121671ee4b3052d5e494887358441bff58536b34cdcf

  • SSDEEP

    196608:j4IbvgvFLMnXjSrgLSBgC/RFtLNDPBW8PwMPRhSM71UC0:0AgvuSrdndNDlwyRhpR0

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • a8eb9c1800f358ef80a0152e3118b7c7_JaffaCakes118
    .rar
  • FPC.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • Model10.DLL
  • Model7.DLL
  • Model8.DLL
  • Model9.DLL
  • Scr.DLL
  • install_flash_player_10_active_x.exe
    .exe windows:4 windows x86 arch:x86

    8f26fcd857d64db1a0ee4f8bdb240223


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:4 windows x86 arch:x86

    91596216b99c852af6e0fb1fe8192de4


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    48cfa0ea7e353e4a7dd23572da8374ef


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/fpinstall.dll
    .dll windows:4 windows x86 arch:x86

    4bb7026bcfe942cdf23b6f661ad54f48


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    238a16a49edf3ab59e2f8c89449c9af7


    Headers

    Imports

    Exports

    Sections

  • $TEMP/FlashUtil10c.exe
    .exe windows:5 windows x86 arch:x86

    c8a9f0aa8ca1ec9669a57e97c635955d


    Code Sign

    Headers

    Imports

    Sections

  • Flash10c.ocx
    .dll regsvr32 windows:5 windows x86 arch:x86

    bbcf2461b6afdae4c3c84c0cf582063b


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • FlashUtil10c.exe
    .exe windows:5 windows x86 arch:x86

    c8a9f0aa8ca1ec9669a57e97c635955d


    Code Sign

    Headers

    Imports

    Sections

  • uninstall_activeX.exe.nsis
  • 新云软件.url
    .url