Overview

overview

5

Static

static

5

f987d64bc6...18.exe

windows7-x64

5

f987d64bc6...18.exe

windows10-2004-x64

5

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...ib.dll

windows7-x64

3

$PLUGINSDI...ib.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_10_/Exte...er.exe

windows7-x64

$_10_/Exte...er.exe

windows10-2004-x64

5.1.1.4851...64.exe

windows7-x64

1

5.1.1.4851...64.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    f987d64bc6a216e6e84061ec1c7aa01d_JaffaCakes118

  • Size

    768KB

  • MD5

    f987d64bc6a216e6e84061ec1c7aa01d

  • SHA1

    8eb751916250322753a7060e3f50a786f885089f

  • SHA256

    d28a99e326344a743517aa1d640959093f213e997f58adca50a650e5a6fed7a3

  • SHA512

    cf4689d5eda75f411ad1d2fd2ff50ed175f65b3f589f69331c833996765c96ea5da67c6c4428cdc8d9856958727cf811d32a595548c81a61fb7656e64a83b542

  • SSDEEP

    12288:85llZfiKwtQAyL9usutk7cfTaoXPOLhA/brlEgAtqEwoHwTbBp37J7Ed0Bo0tB7W:6bV8K99LUao8u3+gAtq9oHw3r+2BoQ1E

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • f987d64bc6a216e6e84061ec1c7aa01d_JaffaCakes118
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    cd90e33ffbc335413a25300c682c83df


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SetupLib.dll
    .dll windows:5 windows x86 arch:x86

    e9608c332d69972d8c6c3b88b41c81fb


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:5 windows x86 arch:x86

    b1d9539c7cfd95718179dedb471b482f


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    6c41c5e4d44f55745b925cc4e42b7fab


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/install0.bmp
  • $PLUGINSDIR/install1.bmp
  • $PLUGINSDIR/install2.bmp
  • $PLUGINSDIR/install3.bmp
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $_10_/ExtensionManager.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • 5.1.1.4851/install64.exe
    .exe windows:5 windows x64 arch:x64

    4a48a81ad5a65f00310f63144f5707cc


    Code Sign

    Headers

    Imports

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections