Overview

overview

8

Static

static

3

408e9afb88...18.exe

windows7-x64

8

408e9afb88...18.exe

windows10-2004-x64

7

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

3

$PLUGINSDI...lp.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...rd.ps1

windows7-x64

3

$PLUGINSDI...rd.ps1

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

$PLUGINSDI...ss.dll

windows7-x64

3

$PLUGINSDI...ss.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    408e9afb8838d2ce4bc1564831671924_JaffaCakes118

  • Size

    31.6MB

  • MD5

    408e9afb8838d2ce4bc1564831671924

  • SHA1

    546bbd4c9d6575a97908bf185ca355b50833f84a

  • SHA256

    0476a1189c0dc7077b9294407a3b6229bdc81f367b8c9b45677533e871b3f529

  • SHA512

    2b5a0f6531690eb27e71fe2c401b714f1b507ad8e3a871151e2f7ef8e1c6c39f6e66983eecdd8ee949bf99fd667b6c6c7d0d5b1d91475305e0a0a61d0cd0de93

  • SSDEEP

    393216:eFdVkxjskbzkeYVSh6ZfQibMdBlfThvKG2HEsnT41IYZmEdyT6aJTE88FkoFGvdf:enaTJph+zbWfThfK0bRwGn/STXZj

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 408e9afb8838d2ce4bc1564831671924_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    32f3282581436269b3a75b6675fe3e08


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/Description.txt
  • $PLUGINSDIR/MoreInfo.dll
    .dll windows:4 windows x86 arch:x86

    149adf074d317fbf0d2f17314bd18969


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/OCSetupHlp.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    93bd1585ffbc730c763e71e0c6c896b3


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    039bcbc605477e8e87ec550c2e60e748


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
    .ps1
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    9ea5bdc8c90dfcffe309465c26c89758


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsProcess.dll
    .dll windows:5 windows x86 arch:x86

    439074d1c01f7b16781bdf060930814a


    Headers

    Imports

    Exports

    Sections