Overview

overview

8

Static

static

3

JaffaCakes...e0.exe

windows7-x64

3

JaffaCakes...e0.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...lp.dll

windows7-x64

3

$PLUGINSDI...lp.dll

windows10-2004-x64

7

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

OpenCandy/...lp.dll

windows7-x64

3

OpenCandy/...lp.dll

windows10-2004-x64

7

SWFGen.dll

windows7-x64

3

SWFGen.dll

windows10-2004-x64

3

flash4dv6full.exe

windows7-x64

7

flash4dv6full.exe

windows10-2004-x64

7

install_fl..._x.exe

windows7-x64

8

install_fl..._x.exe

windows10-2004-x64

8

$PLUGINSDI...ay.dll

windows7-x64

3

$PLUGINSDI...ay.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

$PLUGINSDI...ll.dll

windows7-x64

3

$PLUGINSDI...ll.dll

windows10-2004-x64

3

$PLUGINSDI...ec.dll

windows7-x64

3

$PLUGINSDI...ec.dll

windows10-2004-x64

3

Flash9f.dll

windows7-x64

3

Flash9f.dll

windows10-2004-x64

3

FlashUtil9f.exe

windows7-x64

3

FlashUtil9f.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8101be7a724ddef1fe82800468e42ee0

  • Size

    10.8MB

  • MD5

    8101be7a724ddef1fe82800468e42ee0

  • SHA1

    dc34eaeebf1dd7c47dc6a89d118c2ed719bf256b

  • SHA256

    2db2257ad689c4df62b1b53df462cc1200136a43e2d500e3a2331965d3248890

  • SHA512

    adde0e9c1946c5c457c2b630dbf00e6b0269e7a3128e61cc6c11a1360ed68ae76cd4a87924d73d86201067c32d9b6759d6db2c9db3fda469b9b529ddc041e2f8

  • SSDEEP

    196608:rDv9Y//yWUpr3U6rcUoqsNlSEb7z8IsSKebhQO5cz53m/7/sxthiYdK:rD1Y/aWGC1qelbZsShQOY2/7/4h3k

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 3 IoCs
    installer

Files

  • JaffaCakes118_8101be7a724ddef1fe82800468e42ee0
    .exe windows:4 windows x86 arch:x86

    099c0646ea7282d232219f8807883be0


    Headers

    Imports

    Sections

  • $PLUGINSDIR/LangDLL.dll
    .dll windows:4 windows x86 arch:x86

    9b6b6a7858e17fb0b17e1c1428330343


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/OCSetupHlp.dll
    .dll windows:5 windows x86 arch:x86

    cbaa743e839b4c7508b43278250895e4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:4 windows x86 arch:x86

    1e2884056e655f2b7bc5a904e352fc80


    Headers

    Imports

    Exports

    Sections

  • OpenCandy/OCSetupHlp.dll
    .dll windows:5 windows x86 arch:x86

    cbaa743e839b4c7508b43278250895e4


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • OpenCandy/OpenCandy_Why_Is_This_Here.txt
  • SWFGen.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    42c4c71f4b3f5ea7709214397e994552


    Headers

    Imports

    Exports

    Sections

  • about.bmp
  • ac.f4d
  • auto.txt
  • blank.swf
  • custom_settings.f4d
  • detectflash.swf
  • didquot_off.f4d
  • dmethod.f4d
  • dupconte.f4d
  • em.f4d
  • english.f4d
  • firsttimenever.f4d
  • flash4dv6full.exe
    .exe windows:4 windows x86 arch:x86

    2c3f83ad4554a3f64b80c52a3a33f9db


    Headers

    Imports

    Sections

  • helpballons.f4d
  • icon.ico
  • id.f4d
  • install_flash_player_active_x.exe
    .exe windows:4 windows x86 arch:x86

    f14903f539cc8667478f89ca4497258f


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/NSISArray.dll
    .dll windows:4 windows x86 arch:x86

    91596216b99c852af6e0fb1fe8192de4


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    48cfa0ea7e353e4a7dd23572da8374ef


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/fpinstall.dll
    .dll windows:4 windows x86 arch:x86

    4bb7026bcfe942cdf23b6f661ad54f48


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/nsExec.dll
    .dll windows:4 windows x86 arch:x86

    238a16a49edf3ab59e2f8c89449c9af7


    Headers

    Imports

    Exports

    Sections

  • Flash9f.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    c78b62c1feda53e018e3bc7fa4a262b7


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • FlashUtil9f.exe
    .exe windows:4 windows x86 arch:x86

    a9d79d340821ec352051fcf0138d0a55


    Code Sign

    Headers

    Imports

    Sections

  • uninstall_activeX.exe.nsis
  • irststartup.f4d
  • optimode.f4d
  • program.swf
  • re.f4d
  • setlang.f4d
  • storeddata.f4d
  • swfs/.DS_Store
  • swfs/award.swf
  • swfs/beauty.swf
  • swfs/beautynew.swf
  • swfs/bible.swf
  • swfs/candlelight.swf
  • swfs/cars.swf
  • swfs/catsndogs.swf
  • swfs/christmas.swf
  • swfs/curtains.swf
  • swfs/doctor.swf
  • swfs/earth.swf
  • up.f4d
  • version.f4d
  • vinfo.f4d