Overview

overview

7

Static

static

7

taskpro.exe

windows7-x64

3

taskpro.exe

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/inetc.dll

windows7-x64

3

$PLUGINSDIR/inetc.dll

windows10-2004-x64

3

$TEMP/AnVir.exe

windows7-x64

6

$TEMP/AnVir.exe

windows10-2004-x64

6

AnVir.exe

windows7-x64

6

AnVir.exe

windows10-2004-x64

6

AnvirHook8.dll

windows7-x64

3

AnvirHook8.dll

windows10-2004-x64

3

AnvirHook8_64.dll

windows7-x64

1

AnvirHook8_64.dll

windows10-2004-x64

1

AnvirRunServ.exe

windows7-x64

3

AnvirRunServ.exe

windows10-2004-x64

3

OpenHardwa...ls.dll

windows7-x64

1

OpenHardwa...ls.dll

windows10-2004-x64

1

OpenHardwa...e.html

windows7-x64

3

OpenHardwa...e.html

windows10-2004-x64

3

OpenHardwa...or.exe

windows7-x64

6

OpenHardwa...or.exe

windows10-2004-x64

6

OpenHardwa...ib.dll

windows7-x64

1

OpenHardwa...ib.dll

windows10-2004-x64

1

OpenHardwa...ms.dll

windows7-x64

1

OpenHardwa...ms.dll

windows10-2004-x64

1

OpenHardwa...ot.dll

windows7-x64

1

OpenHardwa...ot.dll

windows10-2004-x64

1

VirusTotalUpload.exe

windows7-x64

3

VirusTotalUpload.exe

windows10-2004-x64

3

anvir64.exe

windows7-x64

1

anvir64.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    be5c0e70465ebda10b784a1bf7ed105b_JaffaCakes118

  • Size

    4.1MB

  • MD5

    be5c0e70465ebda10b784a1bf7ed105b

  • SHA1

    1c1bf36386c8feb57982ad3bbb3701002a9a95cf

  • SHA256

    454957b679b051b8659c8a2a660728426d22f73e9514e5611475ec08cddb10f8

  • SHA512

    86f01ed9d37852f25fbf05928f31e776ca309fde47c78557bf43d90f5bb2cd952d3dfb30ccb7fd4840118abc07022eeec1f0b0d52196cee318bfab2b946a4b30

  • SSDEEP

    98304:1JbM6YwBO7XSTxobPKo0AfEsE7q3Ed2ut8bmZO1c:11YwFibPt0Afz6p01c

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • be5c0e70465ebda10b784a1bf7ed105b_JaffaCakes118
    .zip
  • taskpro.exe
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/inetc.dll
    .dll windows:4 windows x86 arch:x86

    86cdacc6fa5e3ff4938d358350751516


    Headers

    Imports

    Exports

    Sections

  • $TEMP/AnVir.exe
    .exe windows:5 windows x86 arch:x86

    782b5663b25cdd98990e54032a1cb476


    Code Sign

    Headers

    Imports

    Sections

  • AnVir.exe
    .exe windows:5 windows x86 arch:x86

    782b5663b25cdd98990e54032a1cb476


    Code Sign

    Headers

    Imports

    Sections

  • AnvirHook8.dll
    .dll windows:5 windows x86 arch:x86

    4d3d5cda99c0f7e0bc7e72dc64b6e178


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • AnvirHook8_64.dll
    .dll windows:5 windows x64 arch:x64

    3c77569552017b41c37267fe86b374b6


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • AnvirRunServ.exe
    .exe windows:4 windows x86 arch:x86

    b02ec238d323162eb8e5d7854e0638a2


    Code Sign

    Headers

    Imports

    Sections

  • Languages/anvir_Croatian.txt
  • Languages/anvir_Czech.txt
  • Languages/anvir_Danish.txt
  • Languages/anvir_Dutch.txt
  • Languages/anvir_Finnish.txt
  • Languages/anvir_French.txt
  • Languages/anvir_German.txt
  • Languages/anvir_Greek.txt
  • Languages/anvir_Italian.txt
  • Languages/anvir_Japanese.txt
  • Languages/anvir_Korean.txt
  • Languages/anvir_Norwegian.txt
  • Languages/anvir_Polish.txt
  • Languages/anvir_Portuguese.txt
  • Languages/anvir_Spanish.txt
  • Languages/anvir_Vietnamese.txt
  • Languages/anvir_swedish.txt
  • OpenHardwareMonitor/Aga.Controls.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • OpenHardwareMonitor/License.html
  • OpenHardwareMonitor/OpenHardwareMonitor.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • OpenHardwareMonitor/OpenHardwareMonitor.exe.config
  • OpenHardwareMonitor/OpenHardwareMonitorLib.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • OpenHardwareMonitor/OxyPlot.WindowsForms.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • OpenHardwareMonitor/OxyPlot.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • VirusTotalUpload.exe
    .exe windows:5 windows x86 arch:x86

    1c06186a7f0367e14a6db68fa3b0c6b3


    Headers

    Imports

    Sections

  • anvir64.exe
    .exe windows:5 windows x64 arch:x64

    c1c3f5e814438baff1f29630330e232d


    Code Sign

    Headers

    Imports

    Sections

  • anvirlauncher.exe
    .exe windows:6 windows x86 arch:x86

    27cef9d26747652e0d11e3c14bb6154f


    Code Sign

    Headers

    Imports

    Sections

  • portable.txt
  • uninstall.exe.nsis
  • usbhdd.exe
    .exe windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections