General

  • Target

    4fe0fb4e3c634a4933c0f5aa37862ca9_JaffaCakes118

  • Size

    3.6MB

  • MD5

    4fe0fb4e3c634a4933c0f5aa37862ca9

  • SHA1

    251f0b3447b22bcb3838c351ac36d023493bfd7d

  • SHA256

    3d58752d9201e3bc58d32c2ab930287f6776e70ff316e59edea4ce2179a0cc0e

  • SHA512

    61c41343bf14c7b4e58b3203ac890c68c8bd22411741217d9efe834dc072de342a367a132472bdadf1fd2179184404748e6f62ac7a0ac8d04ebb34c955254c13

  • SSDEEP

    98304:Gs6PG+xOYTmsN6ia9ZujWr4A4cA6gM5x6r:oM8RML99oM36r

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Themida packer 1 IoCs

    Detects Themida, an advanced Windows software protection system.

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • 4fe0fb4e3c634a4933c0f5aa37862ca9_JaffaCakes118
    .rar
  • LPv.dll
    .dll windows:4 windows x86 arch:x86

    baa93d47220682c04d92f7797d9224ce

  • MSCOMCTL.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    ce21923007044b1701a0b2dc4ac9396b

  • MSINET.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    d940cf5b3d0dfb340396c0608ef1a0c5

  • MSWINSCK.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    cb0275eec9ac31b6d4d44320e576fadb

  • MonsterBattle.dll
    .dll windows:4 windows x86 arch:x86

  • NPSCAN.DLL
    .dll windows:4 windows x86 arch:x86

    6746f7f0de67e370d1eedd8451c53e6c

  • PristonTale.ini
  • PristonTaleEng.ini
  • PristonTaleTest.ini
  • monsterpk.dll
    .dll windows:4 windows x86 arch:x86

  • npgmup.dll
    .dll windows:4 windows x86 arch:x86

  • npkcrypt.dll
    .dll windows:4 windows x86 arch:x86

    e44ffd0e9c1c19ae13fdcb3a9f30fb6a

  • npkcrypt.sys
    .sys windows:5 windows x86 arch:x86

    5a33af5f3ff68ac82c870885a2e6b6a8

  • npkcrypt.vxd
  • npkcusb.sys
    .sys windows:5 windows x86 arch:x86

    35b74266ff944d379620f444e7ab8a1a

  • npkpdb.dll
    .dll windows:4 windows x86 arch:x86

    19d4374f3e0c08ff9cdb4826b422ae5e