Overview

overview

7

Static

static

3

08733ff9ca...18.exe

windows7-x64

7

08733ff9ca...18.exe

windows10-2004-x64

7

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...pt.dll

windows7-x64

3

$PLUGINSDI...pt.dll

windows10-2004-x64

3

$SYSDIR/co...ve.exe

windows7-x64

7

$SYSDIR/co...ve.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_5_.dll

windows7-x64

6

$_5_.dll

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    08733ff9ca8d10dc8a89d5054e9b6ffc_JaffaCakes118

  • Size

    395KB

  • MD5

    08733ff9ca8d10dc8a89d5054e9b6ffc

  • SHA1

    d813297226e4ee80245c95ec0344a650089bad21

  • SHA256

    9b31d0a58d4bd0d04651a2b29590f3c76493bb50fd5e6d21afb6c1d6a291e433

  • SHA512

    d7b9a4585facb170da19816c5536ec6a585523e46546393742e2d34e3c5ba2ba55ce71aa4ed0a66e8895bd691e1581ffd8a2c0a1f5a8d2b947225232ae4c8831

  • SSDEEP

    6144:Fwg4zMoMVe/VRHzhV3yxXPhlfCWfBJ8V8jcq0m3b+HBp85Z5vF5qxds7EpG9CGkQ:L4m8nHziNh9CWZSVxULQI5N0xdsoe6Pm

Score
3/10

Malware Config

Signatures

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 08733ff9ca8d10dc8a89d5054e9b6ffc_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsBrowserOpt.dll
    .dll windows:5 windows x86 arch:x86

    1736a7ce3e6c6a291951d4572504aa71


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/cont_globaladsolution-remove.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/validate.ini
  • $_5_
    .dll regsvr32 windows:5 windows x86 arch:x86

    073a013abee9c6d996d609ecf14b4809


    Headers

    Imports

    Exports

    Sections