General

  • Target

    be281d06932da81422d769b7cbfa5866_JaffaCakes118

  • Size

    349KB

  • MD5

    be281d06932da81422d769b7cbfa5866

  • SHA1

    9119df7a0b6dadfdafc41df515f3172bfbdf38bf

  • SHA256

    21b4e6c78b3f229c38872d5c913e76bb759961dd9dd6082107497e6a1803a899

  • SHA512

    b08997bed7ead086dc52f225f6828cd7fdb9db5045e5d471bc9ef7e72c6029f517cb3beccdc2b49bd86ee51d42da01e3a63bfa13c762d5a50f55d7e99685b51c

  • SSDEEP

    6144:FbUTp1Aboyul/h9eM+eB6KEzRa3pPBGxwzMCfJxyX6Vbl1QFnXh46pX:FIGTiFcbRDGMCfJkX65MXJ

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • be281d06932da81422d769b7cbfa5866_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7ed0d71376e55d58ab36dc7d3ffda898



  • $PLUGINSDIR/01_1435775198775.bmp
  • $PLUGINSDIR/05_1435775204263.bmp
  • $PLUGINSDIR/Error---Oops_1435695217686.bmp
  • $PLUGINSDIR/HA_1435775231975.bmp
  • $PLUGINSDIR/Install_BR_1435695225510.bmp
  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76



  • $PLUGINSDIR/TBC.dll
    .dll windows:5 windows x86 arch:x86

    b849bbef6db4bd5d3c2ee3dae22cc540



  • $PLUGINSDIR/cancel_POR(2)_1435695460935.bmp
  • $PLUGINSDIR/cancel_POR_1435695467111.bmp
  • $PLUGINSDIR/cleanup_POR_140x36_1435695430693.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    58da96f4c774d946620f1d9e7be93b20



  • $PLUGINSDIR/t8bprtct.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    95cf83a10236a8bd2ce8b632973eb995

