General

  • Target

    aeda1c81d25d303582bc6d788effb8dc_JaffaCakes118

  • Size

    2.4MB

  • MD5

    aeda1c81d25d303582bc6d788effb8dc

  • SHA1

    1c4204add36146af9c8c0476ed4f136a24db501b

  • SHA256

    fe38cd98aa29dc219b798b2ca9d7efa37217066b367cc0a68180c5bd2ea9ea5b

  • SHA512

    36df2544014e0ae0d70c5300926d836bb2c41c33fb1e94a7cdda1508e06330cf6b46c80718973c91e4960c6c33f9c2fc041214bc8a5058db7692f8c6543856b2

  • SSDEEP

    49152:tZdiSJEu8wFTso1stG+GkXVWJoJCoVK5HDmh8/AfHlz2ou2SchkyIJ:JZYo+U+G4VOECoVkHD5ofHd2whm

Score
3/10

Malware Config

Signatures

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • aeda1c81d25d303582bc6d788effb8dc_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers, Imports, Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers, Imports, Exports, Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae


    Headers, Imports, Exports, Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • Help/files/Thumbs.db
  • Help/files/base.gif
    .gif
  • Help/files/codec_1.jpg
    .jpg
  • Help/files/codec_2.jpg
    .jpg
  • Help/files/codec_3.jpg
    .jpg
  • Help/files/codec_4.jpg
    .jpg
  • Help/files/dtree.css
  • Help/files/dtree.js
    .js
  • Help/files/empty.gif
    .gif
  • Help/files/folder.gif
    .gif
  • Help/files/folderopen.gif
    .gif
  • Help/files/img_1.jpg
    .jpg
  • Help/files/img_10.jpg
    .jpg
  • Help/files/img_11.jpg
    .jpg
  • Help/files/img_12.jpg
    .jpg
  • Help/files/img_13.jpg
    .jpg
  • Help/files/img_14.jpg
    .jpg
  • Help/files/img_15.jpg
    .jpg
  • Help/files/img_16.jpg
    .jpg
  • Help/files/img_17.jpg
    .jpg
  • Help/files/img_18.jpg
    .jpg
  • Help/files/img_19.jpg
    .jpg
  • Help/files/img_2.jpg
    .jpg
  • Help/files/img_20.jpg
    .jpg
  • Help/files/img_21.jpg
    .jpg
  • Help/files/img_22.jpg
    .jpg
  • Help/files/img_23.jpg
    .jpg
  • Help/files/img_24.jpg
    .jpg
  • Help/files/img_25.jpg
    .jpg
  • Help/files/img_26.jpg
    .jpg
  • Help/files/img_27.jpg
    .jpg
  • Help/files/img_28.jpg
    .jpg
  • Help/files/img_29.jpg
    .jpg
  • Help/files/img_3.jpg
    .jpg
  • Help/files/img_30.jpg
    .jpg
  • Help/files/img_31.jpg
    .jpg
  • Help/files/img_32.jpg
    .jpg
  • Help/files/img_33.jpg
    .jpg
  • Help/files/img_34.jpg
    .jpg
  • Help/files/img_35.jpg
    .jpg
  • Help/files/img_36.jpg
    .jpg
  • Help/files/img_37.jpg
    .jpg
  • Help/files/img_38.jpg
    .jpg
  • Help/files/img_39.jpg
    .jpg
  • Help/files/img_4.jpg
    .jpg
  • Help/files/img_40.jpg
    .jpg
  • Help/files/img_41.jpg
    .jpg
  • Help/files/img_42.jpg
    .jpg
  • Help/files/img_43.jpg
    .jpg
  • Help/files/img_44.jpg
    .jpg
  • Help/files/img_45.jpg
    .jpg
  • Help/files/img_46.jpg
    .jpg
  • Help/files/img_47.jpg
    .jpg
  • Help/files/img_48.jpg
    .jpg
  • Help/files/img_49.jpg
    .jpg
  • Help/files/img_5.jpg
    .jpg
  • Help/files/img_50.jpg
    .jpg
  • Help/files/img_51.jpg
    .jpg
  • Help/files/img_52.jpg
    .jpg
  • Help/files/img_53.jpg
    .jpg
  • Help/files/img_6.jpg
    .jpg
  • Help/files/img_7.jpg
    .jpg
  • Help/files/img_8.jpg
    .jpg
  • Help/files/img_9.jpg
    .jpg
  • Help/files/join.gif
    .gif
  • Help/files/joinbottom.gif
    .gif
  • Help/files/jsrelative.js
    .js
  • Help/files/line.gif
    .gif
  • Help/files/minus.gif
    .gif
  • Help/files/minusbottom.gif
    .gif
  • Help/files/nolines_minus.gif
    .gif
  • Help/files/nolines_plus.gif
    .gif
  • Help/files/page.gif
    .gif
  • Help/files/plus.gif
    .gif
  • Help/files/plusbottom.gif
    .gif
  • Help/files/ss_1.jpg
    .jpg
  • Help/files/ss_2.jpg
    .jpg
  • Help/files/ss_3.jpg
    .jpg
  • Help/files/ss_4.jpg
    .jpg
  • Help/files/ss_5.jpg
    .jpg
  • Help/files/ss_6.jpg
    .jpg
  • Help/files/ss_7.jpg
    .jpg
  • Help/files/ss_8.jpg
    .jpg
  • Help/files/toc.htm
    .html .js polyglot
  • Help/files/video_2.jpg
    .jpg
  • Help/files/video_3.jpg
    .jpg
  • Help/files/video_4.jpg
    .jpg
  • Help/files/video_5.jpg
    .jpg
  • Help/files/video_6.jpg
    .jpg
  • Help/files/video_7.jpg
    .jpg
  • Help/files/{0C97418B-7A7F-4293-9D2C-D9778F74521B}.htm
    .html
  • Help/files/{5F047AC9-D6D1-46F9-AF78-3445F6332DE7}.htm
    .html
  • Help/files/{6ACF88C6-0255-45AB-BBC3-82C641AE6305}.htm
    .html
  • Help/files/{7188E2FD-DE6C-4639-88AB-AF05A5359575}.htm
    .html
  • Help/files/{C9DD345B-1786-47D8-A104-9C707EFBE51C}.htm
    .html
  • Help/files/{F95069BB-3E89-4C79-8356-615D4707E8E3}.htm
    .html
  • Help/files/{FB80BAA3-EC30-4FF5-85BC-403B90C7F6C9}.htm
    .html
  • Help/files/{FE41D14D-3EC8-49AB-8EFE-5E78D20291F7}.htm
    .html
  • Help/index.htm
    .html .js polyglot
  • Microsoft.VC90.CRT.manifest
    .xml
  • ScreenShot.exe
    .exe windows:4 windows x86 arch:x86

    bfca63d15e0189e830dd66a1e457f3a0


    Headers, Imports, Sections

  • Skins/Office12Style.asz
  • Skins/Office2007 Black.asz
  • Skins/Office2007 Blue.asz
  • Skins/Opus.asz
  • Skins/Steam.asz
  • Skins/WMP 2008.asz
  • Skins/skin.asz
  • config.ini
  • license.txt
  • msvcr90.dll
    .dll windows:5 windows x86 arch:x86

    0fda4497453286b1daa098623dfc53ce


    Code Sign, Headers, Imports, Exports, Sections

  • sbp.dll
    .dll windows:4 windows x86 arch:x86


    Headers, Exports, Sections

  • scr_lib.dll
    .dll windows:5 windows x86 arch:x86

    9228f694795302e7e5d662ef99bdcdf6


    Headers, Imports, Exports, Sections

  • sound.wav
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers, Imports, Sections

  • update.ini
  • update_lib.dll
    .dll windows:5 windows x86 arch:x86

    e03362ba00efbf20b802ee5f7ea5954b


    Headers, Imports, Exports, Sections

  • video_lib.dll
    .dll windows:5 windows x86 arch:x86

    6d9efeec77786da24354a2410421cf8d


    Headers, Imports, Exports, Sections