General

  • Target

    e14c2e8b87817db07a44c03de738ef61_JaffaCakes118

  • Size

    642KB

  • MD5

    e14c2e8b87817db07a44c03de738ef61

  • SHA1

    2f12a0a092d0503839978976bc4ee5e4a2956f76

  • SHA256

    f71a14b96062eb23f29adc40a91697b96875e5b6bd0919c1d41a815539a1e1d2

  • SHA512

    c1089b78485bda08783b1b0f99cf218293810a5f66894badb502ae74995d0c304b54cae97bc69d85bd215959fb39c32f68c7f780871a2a9a0c37e4531fc26edc

  • SSDEEP

    12288:6t0LO3PwABt4c/uERQ0PF+4CZR9AYDqHpNJKABZBCnbs3dJQdRJd:6tSO3PEIuERdMlZR9FDqJNJJBsJdRJd

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs

Files

  • e14c2e8b87817db07a44c03de738ef61_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


  • $PLUGINSDIR/license.rtf
    .rtf
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


  • $TEMP/minibar.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    d83f71e61ee459ee63ca3e829966a9dc


  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    c9fc7f6df8fedf8f8f1f9f820c072664


  • $PLUGINSDIR/nsUnzip.dll
    .dll windows:4 windows x86 arch:x86

    f61b492d16b51856da71c9a124fee190


  • $PROGRAMFILES/Minibar/Froggy.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    4c7a3f95276f50a76e1adfbc00c7c8b8


  • $PROGRAMFILES/Minibar/Kango.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    da4136ca038f62568c9bfdc1c982f44f


  • $PROGRAMFILES/Minibar/MinibarButton.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    f010497d0b60dc45a47cc1d5d8151b41


  • $PROGRAMFILES/Minibar/config.xml
    .xml
  • $PROGRAMFILES/Minibar/extension_info.json
  • $PROGRAMFILES/Minibar/icons/icon128.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon16.ico
  • $PROGRAMFILES/Minibar/icons/icon19.ico
  • $PROGRAMFILES/Minibar/icons/icon19.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon32.png
    .png
  • $PROGRAMFILES/Minibar/icons/icon48.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/browser_button.js
    .js
  • $PROGRAMFILES/Minibar/kango-ui/commandbar_button.js
    .js
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-middle.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/bottom-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/middle-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-bottom.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/tail-top.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-left.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-middle.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/theme/bubble/top-right.png
    .png
  • $PROGRAMFILES/Minibar/kango-ui/ui.js
    .js
  • $PROGRAMFILES/Minibar/kango/browser.js
    .js
  • $PROGRAMFILES/Minibar/kango/console.js
  • $PROGRAMFILES/Minibar/kango/event_listener.js
  • $PROGRAMFILES/Minibar/kango/initialize.js
  • $PROGRAMFILES/Minibar/kango/io.js
    .js
  • $PROGRAMFILES/Minibar/kango/json.js
    .js
  • $PROGRAMFILES/Minibar/kango/jsonstorage.js
    .js
  • $PROGRAMFILES/Minibar/kango/kango.js
    .js
  • $PROGRAMFILES/Minibar/kango/lang.js
    .js
  • $PROGRAMFILES/Minibar/kango/md5.js
    .js
  • $PROGRAMFILES/Minibar/kango/messaging.js
    .js
  • $PROGRAMFILES/Minibar/kango/storage.js
    .js
  • $PROGRAMFILES/Minibar/kango/userscript_engine.js
    .js
  • $PROGRAMFILES/Minibar/kango/utils.js
    .js
  • $PROGRAMFILES/Minibar/kango/xhr.js
    .js
  • $PROGRAMFILES/Minibar/minibar/actions.js
    .js
  • $PROGRAMFILES/Minibar/minibar/cachedxhr.js
  • $PROGRAMFILES/Minibar/minibar/config.js
    .js
  • $PROGRAMFILES/Minibar/minibar/config.json
  • $PROGRAMFILES/Minibar/minibar/macros.js
    .js
  • $PROGRAMFILES/Minibar/minibar/minibar.js
    .js
  • chrome_installer.js
    .js
  • common.js
    .js
  • firefox_installer.js
    .js
  • ie_installer.js
    .js
  • install.json
  • minibar.crx
    .zip
  • background.html
  • cached_http_request.js
    .js
  • extension_info.json
  • icons/icon128.png
    .png
  • icons/icon19.png
    .png
  • icons/icon32.png
    .png
  • icons/icon48.png
    .png
  • includes/content.js
  • includes/content_kango.js
    .js
  • includes/content_messaging.js
    .js
  • includes/content_userscript.js
    .js
  • kango-ui/button.js
    .js
  • kango-ui/ui.js
  • kango/browser.js
    .js
  • kango/console.js
  • kango/event_listener.js
  • kango/initialize.js
    .js
  • kango/io.js
    .js
  • kango/jsonstorage.js
    .js
  • kango/kango.js
    .js
  • kango/lang.js
    .js
  • kango/messaging.js
    .js
  • kango/userscript_engine.js
    .js
  • kango/xhr.js
    .js
  • main.js
    .js
  • manifest.json
  • minibar/actions.js
    .js
  • minibar/cachedxhr.js
  • minibar/config.js
    .js
  • minibar/macros.js
    .js
  • minibar/minibar.js
    .js
  • popup.html
  • popup.js
    .js
  • tab.html
  • tab.js
    .js
  • minibar.xpi
    .zip .js polyglot
  • chrome.manifest
  • chrome/content/cached_http_request.js
    .js
  • chrome/content/content.xul
  • chrome/content/extension_info.json
  • chrome/content/icons/icon128.png
    .png
  • chrome/content/icons/icon19.png
    .png
  • chrome/content/icons/icon32.png
    .png
  • chrome/content/icons/icon48.png
    .png
  • chrome/content/kango-ui/button.js
    .js
  • chrome/content/kango-ui/popup.js
    .js
  • chrome/content/kango-ui/popup_window.js
    .js
  • chrome/content/kango-ui/popup_window.xul
  • chrome/content/kango-ui/theme/bubble/bottom-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/bottom-middle.png
    .png
  • chrome/content/kango-ui/theme/bubble/bottom-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/middle-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/middle-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/style.css
  • chrome/content/kango-ui/theme/bubble/tail-bottom.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-right.png
    .png
  • chrome/content/kango-ui/theme/bubble/tail-top.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-left.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-middle.png
    .png
  • chrome/content/kango-ui/theme/bubble/top-right.png
    .png
  • chrome/content/kango-ui/ui.js
  • chrome/content/kango/browser.js
    .js
  • chrome/content/kango/console.js
  • chrome/content/kango/event_listener.js
  • chrome/content/kango/initialize.js
    .js
  • chrome/content/kango/io.js
    .js
  • chrome/content/kango/jsonstorage.js
    .js
  • chrome/content/kango/kango.js
    .js
  • chrome/content/kango/lang.js
    .js
  • chrome/content/kango/messaging.js
    .js
  • chrome/content/kango/storage.js
    .js
  • chrome/content/kango/uninstall_observer.js
    .js
  • chrome/content/kango/userscript_engine.js
    .js
  • chrome/content/kango/xhr.js
    .js
  • chrome/content/main.js
    .js
  • chrome/content/minibar/actions.js
    .js
  • chrome/content/minibar/cachedxhr.js
  • chrome/content/minibar/config.js
    .js
  • chrome/content/minibar/config.json
  • chrome/content/minibar/homepage_helper.js
    .js
  • chrome/content/minibar/macros.js
    .js
  • chrome/content/minibar/minibar.js
    .js
  • chrome/content/minibar/search_helper.js
    .js
  • chrome/content/minibar/search_hook.js
    .js
  • chrome/content/minibar/tabpage_helper.js
    .js
  • install.rdf
  • sqlite3.exe
    .exe windows:4 windows x86 arch:x86

