General

  • Target

    ae8a7fe8e03eb94986760611e59e306b_JaffaCakes118

  • Size

    2.1MB

  • MD5

    ae8a7fe8e03eb94986760611e59e306b

  • SHA1

    5be5f22c60adc21b75816c4b8662c8edcea5df0c

  • SHA256

    4036faa71b46ead50240fd4a8924c5ea94dd139dbc741afd73eac0f9e4d96d8d

  • SHA512

    7591f70d768607db27c241c6df759b8bcfb45f3bbd5aa29f563f2d32c1e24b8ddc07dccc6f655c91a03a9fa1c08c72695893717518cc53af67f44885b2a9abbb

  • SSDEEP

    49152:KysPhyl3Sbds/o0fMQSR7B/hTPCX0+fQ99ZHg65y/57Zf0KyfDtS2b3ukTXmhTC:DWCgs0BR7DrCkr99lSZuQg3ukTXI+

Score
3/10

Signatures

  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • ae8a7fe8e03eb94986760611e59e306b_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    57e98d9a5a72c8d7ad8fb7a6a58b3daf


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    610235b90207a63ccf481f0d4375d329


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/time.dll
    .dll windows:4 windows x86 arch:x86

    2e3a4d1f132aea64d421c1e936bcc407


    Headers

    Imports

    Exports

    Sections

  • ContextMenu32.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    eab1ca95167caeb8dcea88c3e833cdb9


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ContextMenu64.dll
    .dll regsvr32 windows:5 windows x64 arch:x64

    71c45e010f11d69194dbe7c560403449


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJExpandSvr.exe
    .exe windows:5 windows x86 arch:x86

    b2e39833d5db8f6bb32c4a550b89068b


    Code Sign

    Headers

    Imports

    Sections

  • JJZip.dll
    .dll windows:5 windows x86 arch:x86

    991d7e412363b7a47c554ef06f26f7c1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • JJZip.exe
    .exe windows:5 windows x86 arch:x86

    721b21d40f9d302428505511a700947a


    Code Sign

    Headers

    Imports

    Sections

  • JJZipExpand.exe
    .exe windows:5 windows x86 arch:x86

    c4f3356f88931bb57e86d00d9918c4e5


    Code Sign

    Headers

    Imports

    Sections

  • JJZipGui.exe
    .exe windows:5 windows x86 arch:x86

    87f9d4eb4ac738b93ef3ff44f00e3de1


    Code Sign

    Headers

    Imports

    Sections

  • JJZipHelper.exe
    .exe windows:5 windows x86 arch:x86

    f358a5a940aa9f71b221d7b891a5c0ba


    Code Sign

    Headers

    Imports

    Sections

  • Lang/en.ttt
  • Lang/zh-cn.txt
  • Skin/allrename.png
    .png
  • Skin/allreplace.png
    .png
  • Skin/allskip.png
    .png
  • Skin/bg.png
    .png
  • Skin/bk.png
    .png
  • Skin/browser.png
    .png
  • Skin/btn_OpenDir.png
    .png
  • Skin/btn_cat.png
    .png
  • Skin/btn_copy.png
    .png
  • Skin/cancle.png
    .png
  • Skin/check.png
    .png
  • Skin/close.png
    .png
  • Skin/commit.png
    .png
  • Skin/comp.png
    .png
  • Skin/copywc.png
    .png
  • Skin/decomp.png
    .png
  • Skin/decomprogbutton.png
    .png
  • Skin/ding.wav
  • Skin/feedback.png
    .png
  • Skin/helper.png
    .png
  • Skin/huifu.png
    .png
  • Skin/ico.png
    .png
  • Skin/img.png
    .png
  • Skin/jywc.png
    .png
  • Skin/lg.png
    .png
  • Skin/mainmenu.png
    .png
  • Skin/max.png
    .png
  • Skin/menu_btn_compress.png
    .png
  • Skin/menu_btn_delete.png
    .png
  • Skin/menu_btn_info.png
    .png
  • Skin/menu_btn_test.png
    .png
  • Skin/menu_btn_uncompress.png
    .png
  • Skin/min.png
    .png
  • Skin/pbk.png
    .png
  • Skin/prog.png
    .png
  • Skin/put.png
    .png
  • Skin/rbk.png
    .png
  • Skin/rename.png
    .png
  • Skin/replace.png
    .png
  • Skin/shadow.png
    .png
  • Skin/skip.png
    .png
  • Skin/stop.png
    .png
  • Skin/top_bg.png
    .png
  • Skin/txt.png
    .png
  • Skin/yswc.png
    .png
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/ExecCmd.dll
    .dll windows:4 windows x86 arch:x86

    bf44c9fb48bb8c36b3e2527e7252350d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    153027ec3b10bcea606b777657dd3402


    Headers

    Imports

    Exports

    Sections

  • Uninstall.exe.nsis