Overview

overview

7

Static

static

3

1292e1480f...18.exe

windows7-x64

7

1292e1480f...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...re.dll

windows7-x64

3

$PLUGINSDI...re.dll

windows10-2004-x64

3

Spyware-Se...al.exe

windows7-x64

3

Spyware-Se...al.exe

windows10-2004-x64

3

sqlite3.dll

windows7-x64

3

sqlite3.dll

windows10-2004-x64

3

uninst.exe

windows7-x64

7

uninst.exe

windows10-2004-x64

7

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

unrar.dll

windows7-x64

3

unrar.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1292e1480fe96ef5072675e0a1317270_JaffaCakes118

  • Size

    608KB

  • MD5

    1292e1480fe96ef5072675e0a1317270

  • SHA1

    e0413c6b87128f93965244dcceac01efd0a8567c

  • SHA256

    7bb708d68660cec127867571e0a7947dc228b7c317022e1fedb622b34cda6acf

  • SHA512

    64d29d812b1ad07ab42b2d227b9e3ba5c1b662ff4da222c47e34518fc1cc8935ea682da9d6f3a9e3cdbfc185014316009169577be2080211ad2e9cb309969ba7

  • SSDEEP

    12288:8PYxlBDf+bMn1gITsbRmYDGQXPPN9xNtn2glXOTJOiv/3CuBr5:GYv4bU1gIo9TXPPrxNN2CCPCYr5

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs
    installer

Files

  • 1292e1480fe96ef5072675e0a1317270_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    9c523d8653da5455667e3f82274f2f88


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    57354bdeea3dfae6e948101add87501a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    815c88741b87a0210c457b00b57bf9c6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    2db813254ea8b4d2a92d703ecb659f39


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISSpywareSecure.dll
    .dll windows:4 windows x86 arch:x86

    7b065b0e50a9aa941fb391b4a9d60723


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • Spyware-Secure_trial.exe
    .exe windows:4 windows x86 arch:x86

    cfa8c3c81ec4d8a882055211c0bff20a


    Headers

    Imports

    Sections

  • sqlite3.dll
    .dll windows:4 windows x86 arch:x86

    cd4a5c39f36662a6a2f5167f71af9796


    Headers

    Imports

    Exports

    Sections

  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    9c523d8653da5455667e3f82274f2f88


    Headers

    Imports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86

    815c88741b87a0210c457b00b57bf9c6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    2db813254ea8b4d2a92d703ecb659f39


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • unrar.dll
    .dll windows:4 windows x86 arch:x86

    244d2f9772f4886a651db44514a2a29b


    Headers

    Imports

    Exports

    Sections