Overview

overview

7

Static

static

7

b3ec32c1d2...18.exe

windows7-x64

7

b3ec32c1d2...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$TEMP/micr....0.exe

windows7-x64

7

$TEMP/micr....0.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$R0.dll

windows7-x64

3

$R0.dll

windows10-2004-x64

3

$R2/NSIS.L...4_.exe

windows7-x64

1

$R2/NSIS.L...4_.exe

windows10-2004-x64

3

$SYSDIR/MACDll.dll

windows7-x64

3

$SYSDIR/MACDll.dll

windows10-2004-x64

3

$SYSDIR/lame_enc.dll

windows7-x64

3

$SYSDIR/lame_enc.dll

windows10-2004-x64

3

$SYSDIR/li...le.dll

windows7-x64

7

$SYSDIR/li...le.dll

windows10-2004-x64

7

$SYSDIR/ogg.dll

windows7-x64

3

$SYSDIR/ogg.dll

windows10-2004-x64

3

$SYSDIR/vorbis.dll

windows7-x64

3

$SYSDIR/vorbis.dll

windows10-2004-x64

3

$SYSDIR/vo...le.dll

windows7-x64

3

$SYSDIR/vo...le.dll

windows10-2004-x64

3

bin/MACDll.dll

windows7-x64

3

bin/MACDll.dll

windows10-2004-x64

3

bin/lame_enc.dll

windows7-x64

3

bin/lame_enc.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b3ec32c1d227c013464bd5b080b83171_JaffaCakes118

  • Size

    1.8MB

  • MD5

    b3ec32c1d227c013464bd5b080b83171

  • SHA1

    bbd168b991b2a357fae814228453320613b7749b

  • SHA256

    c1002f7186b70f520471ccf4956d5f734abdf09ba514f3127db5d167c4909877

  • SHA512

    8b823b1cdf67b27e20bb99643aa4344c87099609a6e9fc677db8504467d0430c53848d5ffbb7a5a49b565c1371a50b394224d5524cad9cd88334729daffb275b

  • SSDEEP

    49152:mXiuBQnIBGblj+oBpQJWbG1xM5vv9LR7HlwglxO1aIjbKst:UHGbljhEJWKMnpHWgXKaIjbKi

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 23 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 3 IoCs
    installer

Files

  • b3ec32c1d227c013464bd5b080b83171_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    28a099a911237a28521d8b7ea250f089


    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    826f63babc644cdb846b4d888d102fa0


    Headers

    Imports

    Exports

    Sections

  • $TEMP/microphone-recorder-plus-1.0.exe
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • $R0
    .dll regsvr32 windows:4 windows x86 arch:x86

    3708bef5cd6e5fb503b4de6477d1b421


    Headers

    Imports

    Exports

    Sections

  • $R2/NSIS.Library.RegTool.v3.$_4_.exe
    .exe windows:4 windows x86 arch:x86

    a56a9c58ddb2b2da8fde66551747ce70


    Headers

    Imports

    Sections

  • $SYSDIR/MACDll.dll
    .dll windows:4 windows x86 arch:x86

    e2c74ffadae0d70ecf4b14291e53bc3e


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/lame_enc.dll
    .dll windows:4 windows x86 arch:x86

    fa173586a4b0eb0918ead3f1c5015cc2


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/libsndfile.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $SYSDIR/ogg.dll
    .dll windows:4 windows x86 arch:x86

    239d20b88a9421031ef086d494227d32


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/vorbis.dll
    .dll windows:4 windows x86 arch:x86

    382b4908bdce93a6dbaf447d1d15e32f


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/vorbisfile.dll
    .dll windows:4 windows x86 arch:x86

    7eb5bbd5459544977ecce5dc1957ac8b


    Headers

    Imports

    Exports

    Sections

  • AudioConverterAX.lic
  • Audio_Editor_AX.lic
  • FileDownloaderAX.lic
  • SoundRecAX.lic
  • bin/COPYING.LGPL
  • bin/MACDll.dll
    .dll windows:4 windows x86 arch:x86

    e2c74ffadae0d70ecf4b14291e53bc3e


    Headers

    Imports

    Exports

    Sections

  • bin/lame_enc.dll
    .dll windows:4 windows x86 arch:x86

    fa173586a4b0eb0918ead3f1c5015cc2


    Headers

    Imports

    Exports

    Sections

  • bin/libsndfile.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • bin/ogg.dll
    .dll windows:4 windows x86 arch:x86

    239d20b88a9421031ef086d494227d32


    Headers

    Imports

    Exports

    Sections

  • bin/readme.txt
  • bin/vorbis.dll
    .dll windows:4 windows x86 arch:x86

    382b4908bdce93a6dbaf447d1d15e32f


    Headers

    Imports

    Exports

    Sections

  • bin/vorbisfile.dll
    .dll windows:4 windows x86 arch:x86

    7eb5bbd5459544977ecce5dc1957ac8b


    Headers

    Imports

    Exports

    Sections

  • $TEMP/windll.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    f9c08223d2d3dd24632d95a46d766154


    Headers

    Imports

    Exports

    Sections