Overview

overview

7

Static

static

3

d9b743e408...18.exe

windows7-x64

7

d9b743e408...18.exe

windows10-2004-x64

7

$PLUGINSDI...nt.dll

windows7-x64

3

$PLUGINSDI...nt.dll

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$PLUGINSDI...ad.dll

windows7-x64

3

$PLUGINSDI...ad.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...os.dll

windows7-x64

3

$PLUGINSDI...os.dll

windows10-2004-x64

3

$TEMP/HssI...er.exe

windows7-x64

3

$TEMP/HssI...er.exe

windows10-2004-x64

3

$TEMP/tapinstall.exe

windows7-x64

1

$TEMP/tapinstall.exe

windows10-2004-x64

1

HssWPR/Hss...er.exe

windows7-x64

3

HssWPR/Hss...er.exe

windows10-2004-x64

3

bin/HssInstaller.exe

windows7-x64

3

bin/HssInstaller.exe

windows10-2004-x64

3

bin/tapinstall.exe

windows7-x64

1

bin/tapinstall.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    d9b743e40868a38758bf71ed15cf977e_JaffaCakes118

  • Size

    6.2MB

  • MD5

    d9b743e40868a38758bf71ed15cf977e

  • SHA1

    e29145261651b804e69f15d977ecb11fd249f99e

  • SHA256

    d0eb860bc26bde294edf1b7ec84769ccde6520745e00d828b881e3348e440209

  • SHA512

    01f2ef4b5a57fb82505b1f2aced5414d34aab04396eadd838142f93feea4a0b3723190083223fd17d7cb9a004fcf8afd6228fa6478c22f50e38a43ea9397cc37

  • SSDEEP

    196608:i1vuLvLArOhjcSfTWXX6UOfxvwpySPHnlRE6hBy+BEzX1:iavBU6UOf6pySHnlNfyX1

Score
3/10

Malware Config

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • d9b743e40868a38758bf71ed15cf977e_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    bf95d1fc1d10de18b32654b123ad5e1f


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86

    c2c73dbeea9d6106b497d447bf228826


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ExecDos.dll
    .dll windows:5 windows x86 arch:x86

    80ebe2c612a758bd66058fcb4454ddbd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InetLoad.dll
    .dll windows:5 windows x86 arch:x86

    80213b4906495413934aadb7289b8a00


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    6c41c5e4d44f55745b925cc4e42b7fab


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    45d25ca52c312b2254c60dbcb30342d1


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/conduit_toolbar.bmp
  • $PLUGINSDIR/hss_icon_trans_96x96.bmp
  • $PLUGINSDIR/hss_trans.bmp
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsisos.dll
    .dll windows:5 windows x86 arch:x86

    39fe72cb36dbf0e6f6e7f1d12a53c7a9


    Headers

    Imports

    Exports

    Sections

  • $TEMP/HssInstaller.exe
    .exe windows:5 windows x86 arch:x86

    64b1e74e9705b2ba77ae128c72291176


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/tapinstall.exe
    .exe windows:6 windows x64 arch:x64

    1354d66e3116f4a24255915dc97a0cdf


    Code Sign

    Headers

    Imports

    Sections

  • HssWPR/HssInstaller.exe
    .exe windows:5 windows x86 arch:x86

    64b1e74e9705b2ba77ae128c72291176


    Code Sign

    Headers

    Imports

    Sections

  • bin/HssInstaller.exe
    .exe windows:5 windows x86 arch:x86

    64b1e74e9705b2ba77ae128c72291176


    Code Sign

    Headers

    Imports

    Sections

  • bin/tapinstall.exe
    .exe windows:6 windows x64 arch:x64

    1354d66e3116f4a24255915dc97a0cdf


    Code Sign

    Headers

    Imports

    Sections