General

  • Target

    15238e2b103083c8de260d0e40b20101_JaffaCakes118

  • Size

    1.4MB

  • MD5

    15238e2b103083c8de260d0e40b20101

  • SHA1

    051213612697b373a0dcf15d3d539a3c8bfd206a

  • SHA256

    875771b11c74ea2cea09272f896bf89c581901deff045b22443d4150d1d8769d

  • SHA512

    494c685e83852b39c39c8bb445197122b398cb2707f9f70c26f6f0e8089ae7a90210345a54750da616316f1d9bab839f777fdda065a66551f77f3369a79d9745

  • SSDEEP

    24576:223NlqJ3bboHOewYb3RD0igkHjQmxaYe3WI7Wv+vHXSV7B3KmKm2VMC26mq6:/9lqJLbNvfigkPxtemI7g+PShBaj26Y

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 15238e2b103083c8de260d0e40b20101_JaffaCakes118
    .zip
  • DefaultWinKawaksINI.zip
    .zip
  • WinKawaks.ini
  • WinKawaks.exe
    .exe windows:4 windows x86 arch:x86


  • WinKawaks.ini
  • WinKawaks.rom
  • blend/ddsom.bld
  • blend/ddtod.bld
  • blend/sfa.bld
  • defaultkeysCPS.ini
  • defaultkeysMVS.ini
  • eeprom/pzloop2.epm
  • eeprom/pzloop2j.epm
  • faq.txt
  • kailleraclient.dll
    .dll windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • lang/Arabic.lng
  • lang/Brazilian Portuguese.lng
  • lang/Bulgarian.lng
  • lang/Catalan.lng
  • lang/Charnego.lng
  • lang/Chinese(Big5).lng
  • lang/Chinese(Simp).lng
  • lang/Czech.lng
  • lang/Dutch.lng
  • lang/English.lng
  • lang/Finnish.lng
  • lang/French.lng
  • lang/German.lng
  • lang/Greek.lng
  • lang/Hebrew.lng
  • lang/Italian.lng
  • lang/Japanese.lng
  • lang/Korean.lng
  • lang/L33t.lng
  • lang/Norwegian.lng
  • lang/Polish.lng
  • lang/Portuguese.lng
  • lang/Russian.lng
  • lang/Serbian.lng
  • lang/Spanish.lng
  • lang/Swedish.lng
  • lang/Turkish.lng
  • roms/neogeo/neogeo.zip
    .zip
  • 000-lo.lo
  • asia-s3.rom
  • neo-epo.bin
  • neo-po.bin
  • neodebug.rom
  • sfix.sfix
  • sm1.sm1
  • sp-e.sp1
  • sp-j2.rom
  • sp-s.sp1
  • sp-s2.sp1
  • sp1.jipan.1024
  • uni-bios_1_0.rom
  • uni-bios_1_1.rom
  • uni-bios_1_2.rom
  • uni-bios_1_2o.rom
  • uni-bios_1_3.rom
  • uni-bios_2_0.rom
  • uni-bios_2_1.rom
  • uni-bios_2_2.rom
  • uni-bios_2_3.rom
  • uni-bios_2_3o.rom
  • usa_2slt.bin
  • vs-bios.rom
  • sample_ini_files.zip
    .zip
  • sfz3jr1.ini
  • xmcota.ini
  • xmvsf.ini
  • tracklst/19xx.dat
  • tracklst/avsp.dat
  • tracklst/batcirj.dat
  • tracklst/captcomm.dat
  • tracklst/csclubj.dat
  • tracklst/cybotsj.dat
  • tracklst/ddtod.dat
  • tracklst/dstlk.dat
  • tracklst/ecofghtr.dat
  • tracklst/ffight.dat
  • tracklst/kof94.dat
  • tracklst/kof95.dat
  • tracklst/kof96.dat
  • tracklst/kof97.dat
  • tracklst/kof98.dat
  • tracklst/kof99.dat
  • tracklst/msh.dat
  • tracklst/mshvsf.dat
  • tracklst/mvsc.dat
  • tracklst/pbobblen.dat
  • tracklst/ringdest.dat
  • tracklst/sf2.dat
  • tracklst/sf2ce.dat
  • tracklst/sfa.dat
  • tracklst/sfa2.dat
  • tracklst/sfa3.dat
  • tracklst/sgemf.dat
  • tracklst/spf2t.dat
  • tracklst/ssf2.dat
  • tracklst/vsav.dat
  • tracklst/vsav2.dat
  • tracklst/wakuwak7.dat
  • tracklst/xmcota.dat
  • tracklst/xmvsf.dat
  • whatsnew.txt