General

  • Target

    d2aea59f1cb34644be15f960acaf0131_JaffaCakes118

  • Size

    4.1MB

  • MD5

    d2aea59f1cb34644be15f960acaf0131

  • SHA1

    817e1bcf34243559a8de213060711421d0d40e93

  • SHA256

    276f6452862905ab58e5f7bbcd2f97dde2d2b271aa6c9d44cf59d98a81d98dd5

  • SHA512

    9629a56f8673d3b074a8aef6d8ab5cb98a977bac12be1fd65f28739eaaf73f934fc5ecb4bfc8ada36150aa487983acdb06f18a73be15be759545894f42fc3d03

  • SSDEEP

    98304:UBXD2l86shzW4G6GLjawT71Kyl9YmhOrQPnZEjby1EgfMFGTBRmkug:U9ofEuko1HtvQW1EyMFGIs

Score
3/10

Malware Config

Signatures

  • Unsigned PE (9 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (2 IoCs)

Files

  • d2aea59f1cb34644be15f960acaf0131_JaffaCakes118
    .rar
  • au.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    a648aeaa164b592c1e8892a10400b5ae

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b

  • $PLUGINSDIR/ioC.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $R0
    .dll windows:5 windows x86 arch:x86

    6054b85840798c775972e132e70eed78

  • Balloon.wav
  • Command.wav
  • Data/Ignore_Dup/ignorelist.ini
  • Data/Ignore_Junk/Microsoft Publisher.ini
  • Data/Ignore_Junk/New2.41.ini
  • Data/Ignore_Junk/New3.ini
  • Data/Ignore_Junk/New4.ini
  • Data/Ignore_Junk/New5.ini
  • Data/Ignore_Junk/aceignore_junk.ini
  • Data/Ignore_Junk/additional.ini
  • Data/Ignore_Junk/hp.ini
  • Data/Ignore_Junk/mozilla.ini
  • Data/Ignore_Junk/new2.2.ini
  • Data/Ignore_Junk/new2.5.ini
  • Data/Ignore_Junk/powertech.ini
  • Data/Ignore_Junk/vista.ini
  • Data/Ignore_Reg/AFTERXP.INI
  • Data/Ignore_Reg/AFTERXPsp3.INI
  • Data/Ignore_Reg/Acrobat.dat
  • Data/Ignore_Reg/Autocad.dat
  • Data/Ignore_Reg/Careful241.ini
  • Data/Ignore_Reg/Careful3.ini
  • Data/Ignore_Reg/Diskeeper.dat
  • Data/Ignore_Reg/Dont Scan.ini
  • Data/Ignore_Reg/Easy CD Creator.dat
  • Data/Ignore_Reg/Easy media Creator.dat
  • Data/Ignore_Reg/Encarta.dat
  • Data/Ignore_Reg/Flash Player.dat
  • Data/Ignore_Reg/Genie Backup Manager.dat
  • Data/Ignore_Reg/HP fax machine.ini
  • Data/Ignore_Reg/IE7.dat
  • Data/Ignore_Reg/Kinko File Prep Tool.dat
  • Data/Ignore_Reg/MS DotNet.dat
  • Data/Ignore_Reg/MS Office.dat
  • Data/Ignore_Reg/MS Publisher.dat
  • Data/Ignore_Reg/MS VisualStudioNet.dat
  • Data/Ignore_Reg/MSN.dat
  • Data/Ignore_Reg/McAfee.dat
  • Data/Ignore_Reg/Microsoft Money.dat
  • Data/Ignore_Reg/New4.ini
  • Data/Ignore_Reg/Norton AntiVirus.dat
  • Data/Ignore_Reg/Norton Internet Security.dat
  • Data/Ignore_Reg/ORACLE.dat
  • Data/Ignore_Reg/Paint Shop Pro.dat
  • Data/Ignore_Reg/Panda AV.dat
  • Data/Ignore_Reg/PhotoShop.dat
  • Data/Ignore_Reg/PowerArchiver.dat
  • Data/Ignore_Reg/StandardScanOnly.ini
  • Data/Ignore_Reg/THE BAT!.dat
  • Data/Ignore_Reg/WS_FTP Pro.dat
  • Data/Ignore_Reg/Windows Desktop Search.dat
  • Data/Ignore_Reg/afterVista.ini
  • Data/Ignore_Reg/apps.ini
  • Data/Ignore_Reg/careful.ini
  • Data/Ignore_Reg/dangerous.ini
  • Data/Ignore_Reg/roxio.dat
  • Data/Ignore_Reg/shlext_approved.ini
  • Data/Ignore_Reg/wordperfect.dat
  • Data/Info.ini
  • Data/RegFixer/ignorefolders.ini
  • Data/RegFixer/ignorekeys.ini
  • Data/ignore_empty/ignore.ini
  • Data/images/735.png
    .png
  • Data/images/735_y.png
    .png
  • Data/images/735_y2.png
    .png
  • Data/images/CATEGORY.BMP
  • Data/images/Symbol Information.png
    .png
  • Data/images/background.bmp
  • Data/images/category_over.bmp
  • Data/images/category_pushed.bmp
  • Data/images/close1.png
    .png
  • Data/images/close2.png
    .png
  • Data/images/close3.png
    .png
  • Data/images/min1.png
    .png
  • Data/images/min2.png
    .png
  • Data/images/min3.png
    .png
  • Data/images/new UI.bmp
  • Data/sqlite3.dll
    .dll windows:4 windows x86 arch:x86

    3305ece755e5abe9967a388c51a4d903

  • Data/startup.dat
  • Default.wav
  • History.txt
  • Office2007Blue.dll
    .dll windows:4 windows x86 arch:x86

  • Plugins/7-Zip Compression.aup
  • Plugins/ACDSee.aup
  • Plugins/AOL 7.0 Chat Log.aup
  • Plugins/AOL Instant Messenger.aup
  • Plugins/AX-Icons.aup
  • Plugins/AbsoluteFTP.aup
  • Plugins/Acon Digital Media Acoustica 3.aup
  • Plugins/Acoustica CD Label Maker.aup
  • Plugins/Ad-Aware.aup
  • Plugins/Adaptec Easy CD Creator.aup
  • Plugins/AddSoft Log Files.aup
  • Plugins/AddWeb.aup
  • Plugins/Adobe Acrobat Reader.aup
  • Plugins/Adobe Photoshop.aup
  • Plugins/Advanced Disk Catalog.aup
  • Plugins/Advanced MP3 Catalog.aup
  • Plugins/Agent NewsReader.aup
  • Plugins/Alcohol MRU.aup
  • Plugins/AltaVista Toolbar.aup
  • Plugins/Audio CD Info.aup
  • Plugins/AudioCatalyst.aup
  • Plugins/Avant Browser History.aup
  • Plugins/AwIcons.aup
  • Plugins/Axialis Icon Workshop.aup
  • Plugins/Axialis Media Browser.aup
  • Plugins/Babylon Builder.aup
  • Plugins/Babylon.aup
  • Plugins/BearShare.aup
  • Plugins/Beyond Compare.aup
  • Plugins/BookReader.aup
  • Plugins/Borland Delphi.aup
  • Plugins/CRT.aup
  • Plugins/Cabinet Manager.aup
  • Plugins/Chameleon Web Browser.aup
  • Plugins/CoffeeCup DirectFTP.aup
  • Plugins/Coffeecup Gif Animator.aup
  • Plugins/Conexware PowerArchivier 8.6.aup
  • Plugins/CoolEditPro.aup
  • Plugins/Cute MX.aup
  • Plugins/CuteFTP.aup
  • Plugins/CuteHtml.aup
  • Plugins/Disk Explorer Professional.aup
  • Plugins/Diskeeper.aup
  • Plugins/Divx Player.aup
  • Plugins/Download Accelerator (DAP).aup
  • Plugins/Dreamweaver Ultradev_4.aup
  • Plugins/Dreamweaver.aup
  • Plugins/Easy CD Creator.aup
  • Plugins/Easy Icon Maker.aup
  • Plugins/Ebay Toolbar.aup
  • Plugins/EditPad.aup
  • Plugins/EditPlus.aup
  • Plugins/Enigma Browser.aup
  • Plugins/Eudora Mail.aup
  • Plugins/FAR.aup
  • Plugins/FTP Explorer.aup
  • Plugins/FTP Voyager.aup
  • Plugins/Flash.aup
  • Plugins/FlashGet(JetCar).aup
  • Plugins/Fotostation.aup
  • Plugins/Free Download Manager.aup
  • Plugins/FreeCell Statistics.aup
  • Plugins/Fun CD.aup
  • Plugins/GO!ZLLA.aup
  • Plugins/Gamani GIF Movie Gear.aup
  • Plugins/Game Maker.aup
  • Plugins/GetRight 4x.aup
  • Plugins/Goldwave.aup
  • Plugins/Google DeskBar.aup
  • Plugins/Google Tool Bar.aup
  • Plugins/Google Video Player.aup
  • Plugins/Gravity Newsreader.aup
  • Plugins/HEX Workshop.aup
  • Plugins/Homesite (Allaire).aup
  • Plugins/HotJava Browser.aup
  • Plugins/Html Help Workshop.aup
  • Plugins/ICQ 2000.aup
  • Plugins/IE Default Download Dir.aup
  • Plugins/IZArc.aup
  • Plugins/Imaging.aup
  • Plugins/Indigo Rose Setup Factory.aup
  • Plugins/Inoculatelt PE Virus Scan.aup
  • Plugins/InterQuick.aup
  • Plugins/Internet Download Manager.aup
  • Plugins/Irfanview.aup
  • Plugins/Jasc Animation Shop.aup
  • Plugins/Jet Photo Shell.aup
  • Plugins/K-Lite Codec Pack.aup
  • Plugins/KaZaA.aup
  • Plugins/Kazaa media desktop.aup
  • Plugins/LView Pro.aup
  • Plugins/LeapFTP.aup
  • Plugins/Letterbox.aup
  • Plugins/MEDA MP3 Splitter.aup
  • Plugins/MS Movie Maker.aup
  • Plugins/MS Windows Media Player.aup
  • Plugins/MSN Messenger.txt
  • Plugins/MSN Tool Bar.aup
  • Plugins/MacroMedia Dreamweaver MX.aup
  • Plugins/MacroMedia Firework MX.aup
  • Plugins/MacroMedia Flash MX.aup
  • Plugins/Magic ISO Maker.aup
  • Plugins/Mass Download.aup
  • Plugins/MasterSplitter.aup
  • Plugins/McAfee Virus Scan.aup
  • Plugins/Metapad.aup
  • Plugins/MicroAngelo.aup
  • Plugins/Micrografx Picture Publisher.aup
  • Plugins/Microsoft Netmeeting.aup
  • Plugins/Microsoft Office InfoPath.aup
  • Plugins/Microsoft Photo Editor.aup
  • Plugins/Microsoft PictureIt.aup
  • Plugins/Microsoft Visual Studio.aup
  • Plugins/Microsoft Works.aup
  • Plugins/Miranda ICQ.aup
  • Plugins/Morpheus.aup
  • Plugins/Mozart.aup
  • Plugins/MusicMatch Jukebox.aup
  • Plugins/Naviscope.aup
  • Plugins/Negatory Assembly Studio 1.0.aup
  • Plugins/Nero - Burning ROM.aup
  • Plugins/NetAnts.aup
  • Plugins/NetCaptor.aup
  • Plugins/Netsonic.aup
  • Plugins/Netzip.aup
  • Plugins/NewsBin.aup
  • Plugins/Norton Anti-Virus.aup
  • Plugins/Norton File Manager.aup
  • Plugins/NortonAV2000.aup
  • Plugins/NortonCom.aup
  • Plugins/NotePad Plus.aup
  • Plugins/NoteTab Light.aup
  • Plugins/NoteTab Pro.aup
  • Plugins/Notepad2.aup
  • Plugins/Office 2003.aup
  • Plugins/Office 2007.aup
  • Plugins/Office XP.aup
  • Plugins/Office2000.aup
  • Plugins/Office97.aup
  • Plugins/OmniPage.aup
  • Plugins/Opera6.aup
  • Plugins/Opera7.aup
  • Plugins/PE Explorer.aup
  • Plugins/PKZip for Windows.aup
  • Plugins/Paint Shop Pro.aup
  • Plugins/PasswordSafe.aup
  • Plugins/Personal Ancestral File.aup
  • Plugins/PhotoDraw.aup
  • Plugins/PhotoExpress.aup
  • Plugins/PhotoImpact.aup
  • Plugins/Photocanvas.aup
  • Plugins/Photoshop 5.0.aup
  • Plugins/Photoshop 5.5.aup
  • Plugins/PicoZip.aup
  • Plugins/PolyView.aup
  • Plugins/PopUpCop.aup
  • Plugins/Popup Purger.aup
  • Plugins/PowerArchiver.aup
  • Plugins/PowerDVD.aup
  • Plugins/PowerDesk.aup
  • Plugins/PowerZip.aup
  • Plugins/QuickTime.aup
  • Plugins/RealNetworks Real Download.aup
  • Plugins/RealOne Player.aup
  • Plugins/RealPlayer.aup
  • Plugins/RealVNC.aup
  • Plugins/SWiSH.aup
  • Plugins/Smart Explorer.aup
  • Plugins/Sonique.aup
  • Plugins/Spinner Plus.aup
  • Plugins/Spybot.aup
  • Plugins/Star Downloader.aup
  • Plugins/StarOffice.aup
  • Plugins/SunJavaCache.aup
  • Plugins/Sygate Personal Firewall.aup
  • Plugins/System Mechanic.aup
  • Plugins/Teleport Pro.aup
  • Plugins/Tennyson Maxwell Teleport Pro.aup
  • Plugins/TextPad.aup
  • Plugins/The Playe.aup
  • Plugins/Trillian.aup
  • Plugins/Ulead GIF Animator.aup
  • Plugins/Ultimate Paint.aup
  • Plugins/Ultra Edit.aup
  • Plugins/UltraISO.aup
  • Plugins/WINRAR.AUP
  • Plugins/WebFerret.aup
  • Plugins/WinAce.aup
  • Plugins/WinME Regedit Recent Key.aup
  • Plugins/WinZip.aup
  • Plugins/Winamp.aup
  • Plugins/Windows Commander.aup
  • Plugins/Windows Logs.aup
  • Plugins/Windows Paint.aup
  • Plugins/Windows Word Pad.aup
  • Plugins/Windows.aup
  • Plugins/Wordperfect.aup
  • Plugins/Xara 3D.aup
  • Plugins/XingMp3 Player.aup
  • Plugins/XnView.aup
  • Plugins/Xnews.aup
  • Plugins/Xolox.aup
  • Plugins/Yahoo! Messenger.aup
  • Plugins/Yahoo! Toolbar.aup
  • Plugins/YahooPlayer.aup
  • Plugins/Yamaha XG.aup
  • Plugins/ZipMagic.aup
  • Plugins/ZoneAlarm.aup
  • Plugins/eMule.aup
  • Plugins/uTorrent.aup
  • au.chm
    .chm
  • au.exe
    .exe windows:5 windows x86 arch:x86

    dc072b97ab69d9cf474e33b457c157dd

  • au32.exe
    .exe windows:5 windows x86 arch:x86

    81288d252dee9f72f8195b900c12f9a2

  • clearpasticonhistory.vbs
    .vbs
  • createsrpoint.vbs
    .vbs
  • da.exe
    .exe windows:5 windows x86 arch:x86

    9f4deea737963773081187fa4cfc376d

  • hstdel.exe
    .exe windows:5 windows x86 arch:x86

    c8ba5339b1a56cb9e399ec3315832974

  • rc.chm
    .chm
  • rc.exe
    .exe windows:5 windows x86 arch:x86

    4a0ad5fe39b112acd4f9f9cb83de406e

  • readme.txt
  • 新云软件.url
    .url