Overview

overview

7

Static

static

3

25bc261e33...18.exe

windows7-x64

7

25bc261e33...18.exe

windows10-2004-x64

7

$PLUGINSDIR/Math.dll

windows7-x64

3

$PLUGINSDIR/Math.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...pt.dll

windows7-x64

3

$PLUGINSDI...pt.dll

windows10-2004-x64

3

$SYSDIR/ad...ve.exe

windows7-x64

7

$SYSDIR/ad...ve.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...dl.dll

windows7-x64

3

$PLUGINSDI...dl.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$_5_.dll

windows7-x64

6

$_5_.dll

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    25bc261e331d46355a64eb7823c57ced_JaffaCakes118

  • Size

    370KB

  • MD5

    25bc261e331d46355a64eb7823c57ced

  • SHA1

    39ac66291502c32faf7554775bb584bdc81fae95

  • SHA256

    0e5ecc9b5a7febe8d3f26ce53b655321e615cedda2907921a17666a2880192cd

  • SHA512

    882f20cfd1e3c300430f71f5ef9158a307aed152d93a2831ec88de83eef92d3c1bf413c7c110e5319fa62cd2ed0f95e119524bfe5dce196a03ac065820698db3

  • SSDEEP

    6144:WXlxOWzEypjflZ19JmW4iVK8001JTQpSe50jRY/HbLMGS+hwyJqhBSbm4/ks0b6o:fTkrhm2+01Zg50jYHbLMG/wk84/s6vw

Score
3/10

Malware Config

Signatures

  • Unsigned PE 10 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • 25bc261e331d46355a64eb7823c57ced_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/Math.dll
    .dll windows:4 windows x86 arch:x86

    fedb8e95b3698a6c05b69204d3c2de7a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsBrowserOpt.dll
    .dll windows:5 windows x86 arch:x86

    6921ee910b5088c363dd0cae3c8298ff


    Headers

    Imports

    Exports

    Sections

  • $SYSDIR/adssite-remove.exe
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:5 windows x86 arch:x86

    0dd66824726715358a99b2af20e0b80a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/NSISdl.dll
    .dll windows:4 windows x86 arch:x86

    9cce555dd3ff1b6c7dc92d64c794c51a


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/validate.ini
  • $_5_
    .dll regsvr32 windows:5 windows x86 arch:x86

    e2f1668b6ab2be40ad3970991968c9f9


    Headers

    Imports

    Exports

    Sections