General

  • Target

    ec0dc5699d07cd25825973dc3a26c37f_JaffaCakes118

  • Size

    60.2MB

  • MD5

    ec0dc5699d07cd25825973dc3a26c37f

  • SHA1

    f598b26f71904e5b4ade3f103cea8f5940e0f278

  • SHA256

    302be544cc77c5d22d891b290a3e32cd97ee002c2365c7a7e89e8b9a731c5635

  • SHA512

    312901852b3ea3b21292b9bb1599420624b3589384b18f8c7f934b8213e1ecbcf6e196494ecd1f4f2ebf38e3c9d385fb799137cfc1f3ee52f15dd1edb77d7fed

  • SSDEEP

    1572864:FRQ+dMcblMb5IhvYEjEFbPBAjJZO48D1J2gbobZO720G2bK9M5Gy:/QgdbR5YEwjAjJZ4DigMbgmsKA

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • ec0dc5699d07cd25825973dc3a26c37f_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    b729b61eb1515fcf7b3e511e4e66258b



  • $LOCALAPPDATA/2345Explorer/User Data/Default/ExternalExtensions/GameBox.crx
    .zip
  • css/gamebox.css
  • images/flag.png
    .png
  • images/icon.png
    .png
  • images/icon_16.png
    .png
  • images/icon_48.png
    .png
  • images/logo.png
    .png
  • images/user.png
    .png
  • js/clickcount.js
    .js
  • js/data.json
  • js/lib/jquery-2.1.4.min.js
    .js
  • js/lib/smile.js
    .js
  • js/model.js
    .js
  • manifest.json
  • pic/baizhantianxia.jpg
    .jpg
  • pic/banner.jpg
    .jpg
  • pic/chuanqibaye.jpg
    .jpg
  • pic/datianshizhijian.jpg
    .jpg
  • pic/hundunzhanyu.jpg
    .jpg
  • popup.html
    .html
  • $PLUGINSDIR/FileInfo.dll
    .dll windows:5 windows x86 arch:x86

    d8a05e68f5dbb2904dba1973acbe9d5c



  • $PLUGINSDIR/RCWidgetPlugin.dll
    .dll windows:5 windows x86 arch:x86

    cf8fd63a79a94c6feb23295fb46569bf



  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748



  • $PLUGINSDIR/upgrade_data.dll
    .dll windows:5 windows x86 arch:x86

    fd481f3c961ab8cca0f3851431764203



  • $TEMP/clear_cache.exe
  • $_29_/2345Explorer/User Data/Default/Favicons
  • $_29_/2345Explorer/User Data/Default/Onlinedata/A0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/B0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/C.ini
  • $_29_/2345Explorer/User Data/Default/Onlinedata/C1.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/D0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/E0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/F0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/G0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/H1.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/J0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/K0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/L0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/N0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/O1.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/P0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/Q0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/R0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/S0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/U0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/V0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/W0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/X0.data
  • $_29_/2345Explorer/User Data/Default/Onlinedata/Y0.data
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/0EE10DC0FD05BED87C9EF686F5E6BE92.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/1751D2661AE639B4F73206E4F89D00F5.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/1BD32688A1AFEE390A9BAA2F980F51C5.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/1D876C8016E444F128E51846E997630B.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/784820CCC528CC3A3CF2DF3B677F8761.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/84675A6817FC8715E33BC1C631154B5D.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/88173718B83CDD6D0B8C455578B0017F.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/A23E76182652117769CBF29F57E0B586.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/D0DAE34B88FC0CC86E305CE4C60E1670.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/D9E52DE83E669630BF15DBA5427720EF.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/D9E64F2E270D94BE64D2767E40861F1E.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/F3CEDB071529EE68B89FD52ECB5DB549.jpg
    .jpg
  • $_29_/2345Explorer/User Data/Default/Thumbnails/v1/thumbnailslist
  • 2345Explorer.exe
  • 2345Recommender.exe
  • 6.5.0.11018.manifest
  • Extensions/defalut_extensions.json
  • Locales/zh-CN.pak
  • NativeFlash/NPSWF32.dll
  • NativeFlash/plugin.vch
  • PepperFlash/manifest.json
  • PepperFlash/pepflashplayer.dll
  • Plugins/np-mswmp.dll
  • Protect/2345InstallerWebProtect.dll
  • Protect/PopupTool.exe
  • Protect/Protect_2345Explorer.exe
  • Protect/ServiceManager.exe
  • Protect/UpdateMain.dll
  • Protect/coral_extract.dll
  • Protect/crash_service_dll.dll
  • Uninstall.exe
  • User Data/Default/Favicons
  • User Data/Default/Thumbnails/v1/0EE10DC0FD05BED87C9EF686F5E6BE92.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/1751D2661AE639B4F73206E4F89D00F5.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/1BD32688A1AFEE390A9BAA2F980F51C5.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/1D876C8016E444F128E51846E997630B.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/784820CCC528CC3A3CF2DF3B677F8761.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/84675A6817FC8715E33BC1C631154B5D.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/88173718B83CDD6D0B8C455578B0017F.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/A23E76182652117769CBF29F57E0B586.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/D0DAE34B88FC0CC86E305CE4C60E1670.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/D9E52DE83E669630BF15DBA5427720EF.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/D9E64F2E270D94BE64D2767E40861F1E.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/F3CEDB071529EE68B89FD52ECB5DB549.jpg
    .jpg
  • User Data/Default/Thumbnails/v1/thumbnailslist
  • breakpad.dll
  • capture.dll
  • chrome.dll
  • chrome_100_percent.pak
    .js
  • chrome_child.dll
  • chrome_elf.dll
  • content_resources.pak
    .js
  • coral_extract.dll
  • courgette_dll.dll
  • d3dcompiler_46.dll
  • delegate_execute.exe
  • ffmpegsumo.dll
  • gdiplus_encapsulation.dll
  • gesture_dll.dll
  • icudtl.dat
  • libegl.dll
  • libexif.dll
  • libglesv2.dll
  • libpeerconnection.dll
  • metro_driver.dll
  • pdf.dll
  • prefs.dat
  • resources.pak
    .js
  • trident_core.dll
  • upgrade_notify.exe
  • welcome.ini
  • widevinecdmadapter.dll
  • wow_helper.exe
  • xinput1_3.dll