General

  • Target: b4f59686fd7152308319c0149228d791_JaffaCakes118
  • Size: 445KB
  • MD5: b4f59686fd7152308319c0149228d791
  • SHA1: 6acb594636d1413280db7ee27208122c59ec0636
  • SHA256: bbd2bff06aacd7b800cba984ff2c699c349f24a6c24fd1bb45b6940f12ed79c1
  • SHA512: 4fb52d5c630d39f72f2cc5163c326167530551d5b0d452a5437ac2fb5be1552ca7e28bc74a45b5294f9c42bbb33694c6863471e81a9aecd6515ecf380994abc4
  • SSDEEP: 12288:/eVF3cnvEy9uTk4FF1g38Hx1iCJXOyC1aNJjrlIpGPyZw:/ez3c79uTk4rH1fiaNhRIpGPyW

Score: 7/10
Tag: upx

Signatures

  • ACProtect 1.3x - 1.4x DLL software (1 IoC)

    Detects file using ACProtect software.

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (22 IoCs)

    Checks for missing Authenticode signature.

  • NSIS installer (6 IoCs)

Files

  • b4f59686fd7152308319c0149228d791_JaffaCakes118
    .exe windows:4 windows x86 arch:x86
    Imphash: 7fa974366048f9c551ef45714595665e

  • $PLUGINSDIR/BaseConvert.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 92d1944a344e10d9304b08e82ed1c192

  • $PLUGINSDIR/ButtonEvent.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: 0ece15e7d9bb35972aec701f46192460

  • $PLUGINSDIR/Dialer.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 6504337db30ea93d33d7a714fefff047

  • $PLUGINSDIR/GetVersion.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: fb1aa2bbc159c94cb45792330366bd5f

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 153027ec3b10bcea606b777657dd3402

  • $PLUGINSDIR/Linker.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: 99dc4446909b2b6024dadb7d90b2d08c

  • $PLUGINSDIR/Math.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: c1eddc2d743572429fa0b1a79b7ac0fe

  • $PLUGINSDIR/SimpleInstaller.exe
    .exe windows:4 windows x86 arch:x86
    Imphash: 7fa974366048f9c551ef45714595665e

  • $_2_/Uninstall.exe
    .exe windows:4 windows x86 arch:x86
    Imphash: 7fa974366048f9c551ef45714595665e

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 2017f2acbdaa42ab3e4adeb8b4c37e7b

  • $PLUGINSDIR/ThreadTimer.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: cd7699c6e9370d6d4c4bcc96b7286a04

  • $PLUGINSDIR/Timeout.dll
    .dll windows:4 windows x86 arch:x86

  • $PLUGINSDIR/blowfish.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: e54581069389c8637eea8a96955b3f0c

  • $PLUGINSDIR/ef.exe
    .exe windows:4 windows x86 arch:x86
    Imphash: 99ddb4833fd288b7cd21dae67e0bff37

  • $PLUGINSDIR/icons/data_1.dat
    .zip
  • 1.ico
  • 10.ico
    .png
  • 100.ico
  • 10000.ico
  • 10001.ico
  • 10002.ico
  • 10003.ico
  • 10004.ico
  • 10005.ico
  • 10006.ico
  • 10007.ico
  • 10008.ico
  • 10009.ico
  • 10010.ico
  • 10011.ico
  • 10012.ico
  • 10013.ico
  • 10014.ico
  • 10015.ico
  • 10016.ico
  • 10017.ico
  • 10018.ico
  • 10019.ico
  • 10020.ico
  • 10021.ico
  • 10022.ico
  • 10023.ico
  • 10024.ico
  • 10025.ico
  • 10026.ico
  • 10027.ico
  • 10028.ico
  • 10029.ico
  • 10030.ico
  • 10031.ico
  • 10032.ico
  • 10033.ico
  • 10034.ico
  • 10035.ico
  • 10036.ico
  • 10037.ico
  • 10038.ico
  • 10039.ico
  • 10040.ico
  • 10041.ico
  • 10042.ico
  • 10043.ico
  • 10044.ico
  • 10045.ico
  • 10046.ico
  • 10047.ico
  • 10048.ico
  • 10049.ico
  • 10050.ico
  • 10051.ico
  • 10052.ico
  • 10053.ico
  • 10054.ico
  • 10055.ico
  • 10056.ico
  • 10057.ico
  • 10058.ico
  • 10059.ico
  • 101.ico
  • 102.ico
  • 103.ico
    .png
  • 104.ico
    .gif
  • 107.ico
    .png
  • 108.ico
  • 11.ico
    .png
  • 110.ico
    .png
  • 111.ico
  • 112.ico
  • 119.ico
  • 12.ico
  • 120.ico
  • 121.ico
  • 122.ico
  • 123.ico
  • 125.ico
  • 13.ico
  • 14.ico
    .png
  • 15.ico
  • 16.ico
  • 17.ico
  • 18.ico
  • 19.ico
  • 2.ico
  • 20.ico
  • 21.ico
  • 22.ico
  • 23.ico
  • 24.ico
  • 25.ico
  • 26.ico
  • 29.ico
  • 3.ico
  • 30.ico
  • 31.ico
  • 33.ico
    .png
  • 34.ico
  • 36.ico
    .png
  • 37.ico
    .png
  • 38.ico
  • 39.ico
  • 4.ico
  • 40.ico
  • 41.ico
  • 42.ico
  • 43.ico
    .png
  • 44.ico
  • 45.ico
    .png
  • 46.ico
  • 47.ico
  • 48.ico
  • 5.ico
  • 52.ico
    .png
  • 53.ico
  • 54.ico
  • 55.ico
  • 57.ico
  • 59.ico
  • 6.ico
  • 61.ico
  • 62.ico
    .png
  • 63.ico
    .png
  • 64.ico
  • 65.ico
  • 66.ico
  • 68.ico
  • 69.ico
  • 72.ico
  • 73.ico
  • 75.ico
  • 76.ico
  • 77.ico
  • 78.ico
  • 79.ico
  • 8.ico
    .gif
  • 80.ico
  • 81.ico
  • 82.ico
  • 85.ico
  • 86.ico
  • 87.ico
  • 88.ico
    .png
  • 89.ico
  • 90.ico
  • 91.ico
  • 92.ico
  • 93.ico
  • 94.ico
  • 95.ico
  • 97.ico
    .png
  • 98.ico
  • $PLUGINSDIR/icons/default.ico
  • $PLUGINSDIR/icons/no_toolbar.ico
  • $PLUGINSDIR/inetc.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: 7ccb9c5f3f9fc1eda5b1015ecdb98e95

  • $PLUGINSDIR/inetc.dll.out0
  • $PLUGINSDIR/inetc.dll.out1
  • $PLUGINSDIR/main.ico
  • $PLUGINSDIR/mf.exe
    .exe windows:4 windows x86 arch:x86
    Imphash: f2643c160562bdc90ab86555d95a702b

  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 1e2884056e655f2b7bc5a904e352fc80

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: d83f71e61ee459ee63ca3e829966a9dc

  • $PLUGINSDIR/nsRichEdit.dll
    .dll windows:5 windows x86 arch:x86

  • out.upx
    .dll windows:5 windows x86 arch:x86

  • $PLUGINSDIR/nsWeb.dll
    .dll windows:5 windows x86 arch:x86
    Imphash: 971fa2fe74c0fde1b3916657707cb02b

  • $PLUGINSDIR/nsisunz.dll
    .dll windows:4 windows x86 arch:x86
    Imphash: 0f92772da9c737d2bac38919e9863980