General

  • Target

    0f4cc38d9579d0685b694a70e4e9d7f4_JaffaCakes118

  • Size

    809KB

  • MD5

    0f4cc38d9579d0685b694a70e4e9d7f4

  • SHA1

    bd083fbe464f773158a2aa3bd1cfc1e6c745786e

  • SHA256

    1257eb42368501130beff8430eb2ddfbf957838f94b1588d857c4ce17040c89c

  • SHA512

    497955a54609ee15f35a55b1e20fd0c5dc00835896b13752c52a136dab2ac2ba7576aac9df989e6b22e843e034db1169e51ec2fe5823d28d35289287214a5157

  • SSDEEP

    24576:9Vgb7BQPNOiFr9vk4ZhI119U0FH5wcf5eY:9cBY5Fr9vk4Zha193ZwcZ

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 16 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 0f4cc38d9579d0685b694a70e4e9d7f4_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    36276e7c12820586c6f4cfea7e3f74d2


    Headers

    Imports

    Sections

  • $PLUGINSDIR/DLLWebCount.dll
    .dll windows:4 windows x86 arch:x86

    324e87a129b7b2af320238c8ab284874


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/FindProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    c480ee4d2a64d4a16edee43fdfe35079


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b3d296ff6f7abb1319ee006fcc6c4d98


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/SelfDelete.dll
    .dll windows:4 windows x86 arch:x86

    3d91458bc90a151726bcfdaeff902d08


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/registry.dll
    .dll windows:4 windows x86 arch:x86

    b7ee45a6b27b2cc1f63e0c612ff4ee32


    Headers

    Imports

    Exports

    Sections

  • License.txt
  • ieguideupdate.exe
    .exe windows:4 windows x86 arch:x86

    bffffe29adc16ae7e391fe087eceac08


    Headers

    Imports

    Sections

  • niebar.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • niebho.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • uninstall.exe
    .exe windows:4 windows x86 arch:x86

    36276e7c12820586c6f4cfea7e3f74d2


    Headers

    Imports

    Sections

  • $PLUGINSDIR/DLLWaitForKillProgram.dll
    .dll windows:4 windows x86 arch:x86

    2e92645153848ef99816d61ac6e2a921


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/DLLWeb.dll
    .dll windows:4 windows x86 arch:x86

    4889ffc9b27fe54dc09c314fe25763b2


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/IEFunctions.dll
    .dll windows:4 windows x86 arch:x86

    d3ade25d7710cc7b0801440c6df6098c


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/IEKill.dll
    .dll windows:4 windows x86 arch:x86

    144dfc1dead6dbf5082de448c187851b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    b3d296ff6f7abb1319ee006fcc6c4d98


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    815c88741b87a0210c457b00b57bf9c6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp