Overview

overview

8

Static

static

7

b2c5dc248c...18.exe

windows7-x64

7

b2c5dc248c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

WinPcap_3_0_nogui.exe

windows7-x64

8

WinPcap_3_0_nogui.exe

windows10-2004-x64

8

login/Login.exe

windows7-x64

3

login/Login.exe

windows10-2004-x64

3

mpjdjf.exe

windows7-x64

1

mpjdjf.exe

windows10-2004-x64

3

readme.htm

windows7-x64

3

readme.htm

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    b2c5dc248c635bfd2e749b7de029db28_JaffaCakes118

  • Size

    2.0MB

  • MD5

    b2c5dc248c635bfd2e749b7de029db28

  • SHA1

    3fa8d2e4f5efb6cd283d1b6dbfeb0c891071dfe6

  • SHA256

    9239060fd94f2a09916410b3ba7a37bb748ed55d1728fd0697889ad749fd5574

  • SHA512

    772d1dfddbfc91ce709f598bac197b7d5aa60a513db1cfe550908fd491c22a6318b2fc00a0c8f4fefefca6726e80b2c6a33380d3b361d062db6b5467c5bd32dd

  • SSDEEP

    49152:hp4QyiKQFmyuG7EfGV1R2JxA9F7u37b6sJWne+c7nwn5gU:/P0QFQOjYIhs1JWne+c7sqU

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 7 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • b2c5dc248c635bfd2e749b7de029db28_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    9632e80596371cfa7f563f680f3c4498


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    3764e6c387ce3c76b39936a24d523dce


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/advsplash.dll
    .dll windows:4 windows x86 arch:x86

    41e025c99a5f731479582ce64a2527f4


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $TEMP/spltmp.bmp
  • SWGL.mdb
  • WinPcap_3_0_nogui.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • help/BQ.jpg
    .jpg
  • help/BasePanel.jpg
    .jpg .ps1 polyglot
  • help/BaseSetup.jpg
    .jpg
  • help/HouseSetup.jpg
    .jpg
  • help/Register.jpg
    .jpg
  • help/RightMenu.jpg
    .jpg
  • help/UserSetup.jpg
    .jpg
  • help/about.jpg
    .jpg
  • help/computersetup.jpg
    .jpg
  • help/image001.jpg
    .jpg
  • help/menu1.jpg
    .jpg
  • help/menu2.jpg
    .jpg
  • help/quick.jpg
    .jpg
  • help/step01.jpg
    .jpg
  • help/step02.jpg
    .jpg
  • help/step03.jpg
    .jpg
  • help/step04.jpg
    .jpg
  • help/step05.jpg
    .jpg
  • help/step06.jpg
    .jpg
  • login/Login.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • mpjdjf.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • readme.htm
    .html
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    9632e80596371cfa7f563f680f3c4498


    Headers

    Imports

    Sections

  • $PLUGINSDIR/modern-header.bmp