General

  • Target

    bf387ee757e6ed8072a488eac748cb2a_JaffaCakes118

  • Size

    1.7MB

  • MD5

    bf387ee757e6ed8072a488eac748cb2a

  • SHA1

    11d76f0c6cef68dbc7f5d90fc25298aee68fe702

  • SHA256

    502b7e589cd57df55336829a7e569df03fb6c0272e75c4960e010fe7c718857d

  • SHA512

    d6631a434970f1223de0e6a5044ab2f505acc21a7dfc0429aaa783dbddf64267e187aff8eac7342bcace1c0a270f3f9a83a48fd27c817e1f49aded1c151b280a

  • SSDEEP

    24576:mRZhpAdKDOHN7DDBqWZb5ZCwFed7uz7wR1Cv6UP0KKogu9in3bxpav+Zye3C7y8F:mxfqHdDdEzNuzXvjO0w3n6Dusy8F

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 3 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • bf387ee757e6ed8072a488eac748cb2a_JaffaCakes118
    .7z
  • RePack/Binary/Clean !!!.cmd
    .cmd .vbs
  • RePack/Binary/Pack.cmd
    .cmd .vbs
  • RePack/Binary/Pack{esd}.cmd
  • RePack/Binary/Pack{wim}.cmd
  • RePack/Binary/RePack--no-acls.cfg
  • RePack/Binary/RePack.cfg
  • RePack/Binary/RePack.cmd
    .cmd .vbs
  • RePack/Binary/RePack{esd}.cmd
  • RePack/Binary/RePack{wim}.cmd
  • RePack/Binary/RunAsTi.cmd
  • RePack/Binary/UnPack.cmd
    .cmd .vbs
  • RePack/Binary/WimInfo.cmd
    .cmd .vbs
  • RePack/Binary/XmlParser.exe
    .exe windows:5 windows x86 arch:x86

    eb97e4fc5518ac300a92a11673825e0b



  • RePack/Binary/x64/ConX.exe
    .exe windows:4 windows x64 arch:x64

    88dbc491bf18cfa938faf4eb3f577f28



  • RePack/Binary/x64/RunAsTI.exe
    .exe windows:5 windows x64 arch:x64



  • out.upx
    .exe windows:5 windows x64 arch:x64



  • RePack/Binary/x64/libwim-15.dll
    .dll windows:4 windows x64 arch:x64

    538fc77d4a74ee72537e7bdd62b25332



  • RePack/Binary/x64/wimlib-imagex.exe
    .exe windows:4 windows x64 arch:x64

    42338fb0ec18ea55abd3d040c027d736



  • RePack/Binary/x86/ConX.exe
    .exe windows:4 windows x86 arch:x86

    44c6518cc1710fe60bebc34b988eb226



  • RePack/Binary/x86/RunAsTI.exe
    .exe windows:5 windows x86 arch:x86



  • out.upx
    .exe windows:5 windows x86 arch:x86



  • RePack/Binary/x86/libwim-15.dll
    .dll windows:4 windows x86 arch:x86

    cf5ab950207c09b4f2086ec848eb2677



  • RePack/Binary/x86/wimlib-imagex.exe
    .exe windows:4 windows x86 arch:x86

    e882503764465dbaaee6c2a5e5884e4a



  • RePack/Clean !!!.cmd
  • RePack/Doc/ReadMe.txt
  • RePack/Pack.cmd
  • RePack/Pack{esd}.cmd
  • RePack/Pack{wim}.cmd
  • RePack/RePack.cmd
  • RePack/RePack{esd}.cmd
  • RePack/RePack{wim}.cmd
  • RePack/UnPack.cmd
  • RePack/WimInfo.cmd