Overview

overview

7

Static

static

3

dd67d90133...18.exe

windows7-x64

3

dd67d90133...18.exe

windows10-2004-x64

3

$PROGRAM_F...rX.dll

windows7-x64

7

$PROGRAM_F...rX.dll

windows10-2004-x64

7

$PROGRAM_F...ce.exe

windows7-x64

3

$PROGRAM_F...ce.exe

windows10-2004-x64

3

$PROGRAM_F...er.exe

windows7-x64

3

$PROGRAM_F...er.exe

windows10-2004-x64

3

$PROGRAM_F...rc.dll

windows7-x64

3

$PROGRAM_F...rc.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dd67d90133abdba6309610d38d38884e_JaffaCakes118

  • Size

    1.1MB

  • MD5

    dd67d90133abdba6309610d38d38884e

  • SHA1

    4513f28130a4aa40025bd55caadd4072dc1c298d

  • SHA256

    172f2e6f91fa2a7eea94ee7466c943c11e122e7f07f521c0d7d7ef81426b27ad

  • SHA512

    8105486b4b5583d724d2cf22e2e1bd201dd132e15f5bd45ee590878aecc68158fdae54d6e3ab30c511d7dfa661b779d897f49d3a04d9c449d9a2844eb76a1d78

  • SSDEEP

    24576:miOlrqFE7jtRy3xkvAHc87iyb/RfPqwchVAXhgq1kcG+iBdHFE:miiljUQpyjRfiWgq1rJipE

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs
    installer

Files

  • dd67d90133abdba6309610d38d38884e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    9c523d8653da5455667e3f82274f2f88


    Headers

    Imports

    Sections

  • $APPDATA/Baidu/Toolbar/Custom Buttons/custom.xml
  • $PROFILE/AppData/LocalLow/Baidu/Toolbar/Custom Buttons/custom.xml
  • $PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduBarX.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    dbb6ae12303c20296c693f51a2687989


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BaiduService.exe
    .exe windows:4 windows x86 arch:x86

    b2e7f59043adad73fe020115daa83498


    Code Sign

    Headers

    Imports

    Sections

  • $PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/BarBroker.exe
    .exe windows:4 windows x86 arch:x86

    10c4284ada8f296e35a475657fe1334f


    Code Sign

    Headers

    Imports

    Sections

  • $PROGRAM_FILES/Baidu/Toolbar/BaiduBarX_Tmp/rc.dll
    .dll windows:4 windows x86 arch:x86

    90fb0d3b9147b78e7ee69fa48ce244a0


    Code Sign

    Headers

    Imports

    Sections