General

  • Target

    ffb1efeb74150a5de45ed344f837da2e_JaffaCakes118

  • Size

    368KB

  • MD5

    ffb1efeb74150a5de45ed344f837da2e

  • SHA1

    b451fc63aa0547063e74d26137fd6417385584da

  • SHA256

    fca32cf0c62210488d4c092cb9e44b7089b661f7419f3c8a56c4f21a02991b4e

  • SHA512

    1bc9293206ec8aef27c082bb0a977a0b1390185975846886d8fd05431b359ddcf63d4030a95a15859846f2ae53d089a697989c9f724cb3b599a5ddf2db5eb7d0

  • SSDEEP

    6144:XPCganNZkbEWgWCLBcaNB+dRnEG6/xl4KSQdr0Lwne8MlD8sC/E91J4:tan/k4HIa+1y41Qp0LbD8z/2j4

Score
3/10

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • ffb1efeb74150a5de45ed344f837da2e_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    7c2c71dfce9a27650634dc8b1ca03bf0


    Headers

    Imports

    Sections

  • $TEMP/Aphagia
  • $TEMP/Predecease.dll
    .dll windows:5 windows x86 arch:x86

    2a16b692a36ad81404bfad3463c3ded9


    Headers

    Imports

    Exports

    Sections

  • $TEMP/bookmark/thanks/69.opends60.dll
  • $TEMP/bookmark/thanks/79.opends60.dll
  • $TEMP/bookmark/thanks/CertStoreQuery.xml
  • $TEMP/bookmark/thanks/MFC80JPN.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • $TEMP/bookmark/thanks/Schema.xml
  • $TEMP/bookmark/thanks/cert2spc.exe
    .exe windows:5 windows x86 arch:x86

    eee3da4a931a35aab985602afc0ab483


    Headers

    Imports

    Sections

  • $TEMP/bookmark/thanks/crtowordsde.dll
    .dll windows:4 windows x86 arch:x86

    6f988c1a610d6d6041dba23a9db823d1


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $TEMP/bookmark/thanks/editbin.exe
    .exe windows:5 windows x64 arch:x64

    fee3a3a6eb1f13a63454550347b7ff2f


    Code Sign

    Headers

    Imports

    Sections

  • $TEMP/bookmark/thanks/interfaces.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • $TEMP/bookmark/thanks/io.pagure.lohit.devanagari.font.metainfo.xml
    .xml
  • $TEMP/bookmark/thanks/iso3166.xml
  • $TEMP/bookmark/thanks/quotecloseactivity.xml
  • $TEMP/bookmark/thanks/vnd.adobe.photoshop.xml
    .xml
  • $TEMP/bookmark/thanks/x-reject.xml
    .xml
  • $TEMP/list_users/4.opends60.dll
  • $TEMP/list_users/IEHost.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


    Headers

    Imports

    Sections

  • $TEMP/list_users/org.gnome.evolution-data-server.calendar.gschema.xml
    .xml
  • $TEMP/list_users/pkcs7-signature.xml
    .xml