Overview

overview

7

Static

static

3

0a4eb9bd6c...18.exe

windows7-x64

7

0a4eb9bd6c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...sh.dll

windows7-x64

3

$PLUGINSDI...sh.dll

windows10-2004-x64

3

$PLUGINSDI...te.dll

windows7-x64

3

$PLUGINSDI...te.dll

windows10-2004-x64

3

$PLUGINSDIR/xml.dll

windows7-x64

3

$PLUGINSDIR/xml.dll

windows10-2004-x64

3

App/TotalC...RK.dll

windows7-x64

3

App/TotalC...RK.dll

windows10-2004-x64

3

App/TotalC...64.sys

windows7-x64

1

App/TotalC...64.sys

windows10-2004-x64

1

App/TotalC...NT.sys

windows7-x64

1

App/TotalC...NT.sys

windows10-2004-x64

1

App/TotalC...32.dll

windows7-x64

3

App/TotalC...32.dll

windows10-2004-x64

3

App/TotalC...AD.exe

windows7-x64

3

App/TotalC...AD.exe

windows10-2004-x64

3

App/TotalC...NT.exe

windows7-x64

App/TotalC...NT.exe

windows10-2004-x64

App/TotalC...IN.exe

windows7-x64

3

App/TotalC...IN.exe

windows10-2004-x64

3

App/TotalC...MA.dll

windows7-x64

3

App/TotalC...MA.dll

windows10-2004-x64

3

App/TotalC...64.exe

windows7-x64

3

App/TotalC...64.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    0a4eb9bd6c4c2bd8e8e6894ef1cce0f1_JaffaCakes118

  • Size

    2.2MB

  • MD5

    0a4eb9bd6c4c2bd8e8e6894ef1cce0f1

  • SHA1

    ab94b51f8106909d6f5ef29965e9f7189c719a90

  • SHA256

    28ea5c33010b91a746532b2fa9011da625bf48fd8ddad35552199b2cdebb4b45

  • SHA512

    50d3442a1a8527839ea7eb51a9d4ccc88c753e9f04c072630a4436cb31f53759ab15e7f2745fa9138686d34155197f550e7c1895eacbbd8fc5bbc91c554834cb

  • SSDEEP

    49152:BDxjAoV3O9dy89tdD54fOcwd/mGiqxh9R4Tzj7q8IrIuuki4yuL:0C3O9dy89ffRdqqQ/ajItvtO

Score
3/10

Malware Config

Signatures

  • Unsigned PE 21 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 6 IoCs
    installer

Files

  • 0a4eb9bd6c4c2bd8e8e6894ef1cce0f1_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b1cd0d78f652ce5fc63f0879371af012


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/blowfish.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/locate.dll
    .dll windows:4 windows x86 arch:x86

    7f8181c74f882a780c7cd485241e8b51


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/xml.dll
    .dll windows:4 windows x86 arch:x86

    b5ed5b3a951d4443ce56e5453702d536


    Headers

    Imports

    Exports

    Sections

  • App/AppInfo/appicon.ico
  • App/AppInfo/appicon_16.png
    .png
  • App/AppInfo/appicon_32.png
    .png
  • App/AppInfo/appinfo.ini
  • App/TotalCommander/CABRK.DLL
    .dll windows:1 windows x86 arch:x86

    24443a39fe269254c2d4374dee7b22b6


    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/CGLPT64.SYS
    .sys windows:6 windows x64 arch:x64

    0f4173f7aa6a0a88d6b52a51ad811216


    Code Sign

    Headers

    Imports

    Sections

  • App/TotalCommander/CGLPT9X.VXD
  • App/TotalCommander/CGLPTNT.SYS
    .sys windows:5 windows x86 arch:x86

    a1aafec5128ab759a4e2c7c3e94b392b


    Code Sign

    Headers

    Imports

    Sections

  • App/TotalCommander/DEFAULT.BAR
  • App/TotalCommander/FRERES32.DLL
    .dll windows:1 windows x86 arch:x86


    Headers

    Exports

    Sections

  • App/TotalCommander/HISTORY.TXT
  • App/TotalCommander/KEYBOARD.TXT
  • App/TotalCommander/LANGUAGE/WCMD_CHN.HLP
  • App/TotalCommander/LANGUAGE/WCMD_CHN.INC
  • App/TotalCommander/LANGUAGE/WCMD_CHN.LNG
  • App/TotalCommander/LANGUAGE/WCMD_CHN.MNU
  • App/TotalCommander/NO.BAR
  • App/TotalCommander/SFXHEAD.SFX
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • App/TotalCommander/SHARE_NT.EXE
  • App/TotalCommander/SIZE!.TXT
  • App/TotalCommander/TCMADMIN.EXE
    .exe windows:4 windows x86 arch:x86

    7ebd298e98d74dad1ec6c558681acda7


    Code Sign

    Headers

    Imports

    Sections

  • App/TotalCommander/TCMDLZMA.DLL
    .dll windows:4 windows x86 arch:x86

    5be619a7249b480dd0aa78294ba8ed23


    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/TCMDX64.EXE
    .exe windows:4 windows x64 arch:x64

    8295974c081d0e9e58e33d212700c10a


    Code Sign

    Headers

    Imports

    Sections

  • App/TotalCommander/TCUNZLIB.DLL
    .dll windows:4 windows x86 arch:x86

    f7dca6848e944b0b8072cfb7eed5ece0


    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/TOTALCMD.EXE
    .exe windows:1 windows x86 arch:x86


    Code Sign

    Headers

    Sections

  • App/TotalCommander/TOTALCMD.EXE.MANIFEST
    .xml
  • App/TotalCommander/TOTALCMD.INC
  • App/TotalCommander/TcUsbRun.exe
    .exe windows:4 windows x86 arch:x86

    b96f0baa433a2a3423846c6bcecdcfee


    Code Sign

    Headers

    Imports

    Sections

  • App/TotalCommander/UNACEV2.DLL
    .dll windows:1 windows x86 arch:x86

    8390514c40641509cd0941c1fb7588ab


    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/UNRAR.DLL
    .dll windows:5 windows x86 arch:x86

    41aab8a60ae80b8c8098eacc3e085c4b


    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/WC32TO16.EXE
  • App/TotalCommander/WCMICONS.DLL
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • App/TotalCommander/WCMICONS.INC
  • App/TotalCommander/WCMZIP32.DLL
    .dll windows:4 windows x86 arch:x86

    f8b8f7b7ac5f9d18bec26bf18529430f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • App/TotalCommander/WCUNINST.WUL
  • App/TotalCommander/descript.ion
  • Data/TotalCommander/wincmd.ini
  • Other/Help/images/favicon.ico
  • Other/Help/images/help_background_footer.png
    .png
  • Other/Help/images/help_background_header.png
    .png
  • Other/Help/images/help_logo_top.png
    .png
  • Other/Help/style.css
  • TotalCommanderPortable.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $EXEDIR/Data/TotalCommander/wincmd.key
  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    8df26927f8978d4eb40ff179c0aa961b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/Registry.dll
    .dll windows:4 windows x86 arch:x86

    cd53277eaa7bbb8fb5b2b678274dcb4e


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/newadvsplash.dll
    .dll windows:4 windows x86 arch:x86

    eee37c14e102da3f62385f9796c701ce


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/splash.bmp
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/modern-header.bmp