General

  • Target

    JaffaCakes118_1c767504f104ee50e4b36d570ad425e6

  • Size

    557KB

  • MD5

    1c767504f104ee50e4b36d570ad425e6

  • SHA1

    17573257e094e11addea4fbefd141da2c4ee9134

  • SHA256

    76c838fd441934a2adc953d69d5e8415b0384e3cd3b2576fdeb0aa4d07148786

  • SHA512

    eef8c13489b793ec92162f6905ad7ae77cec62ff3640dac9f4e415cc9074f42c07e321410926016114408cf7fbb55ec7f9226d4b33703e44291925f0b97d4f8f

  • SSDEEP

    12288:O8pABEUrVmoPJbmwCvWau374XAHM88Y8/mFuIhYY:DAsiJbNBau374QOmb

Score
3/10

Malware Config

Signatures

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • JaffaCakes118_1c767504f104ee50e4b36d570ad425e6
    .exe windows:4 windows x86 arch:x86

    7fa974366048f9c551ef45714595665e



  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    2017f2acbdaa42ab3e4adeb8b4c37e7b



  • $PLUGINSDIR/nsProcess.dll
    .dll windows:4 windows x86 arch:x86

    c9fc7f6df8fedf8f8f1f9f820c072664



  • $PROGRAMFILES/WebEdit/$PROGRAMFILES/WebEdit/uninst.exe.nsis
  • $PROGRAMFILES/WebEdit/$PROGRAMFILES/WebEdit/webed_uins.dat.nsis
  • $PROGRAMFILES/WebEdit/webedit_run.ex_
    .exe windows:4 windows x86 arch:x86

    70b93420aad076c3f49a8ad8fe0a636f


    Code Sign


  • $PROGRAMFILES/WebEdit/webedit_run.exe
    .exe windows:4 windows x86 arch:x86

    70b93420aad076c3f49a8ad8fe0a636f


    Code Sign


  • $PROGRAMFILES/WebEdit/webedit_svc_10_1.ex_
    .exe windows:4 windows x86 arch:x86

    e30dbd6e725f58f367f96a82b1ab07d7


    Code Sign


  • $PROGRAMFILES/WebEdit/webedit_svc_10_1.exe
    .exe windows:4 windows x86 arch:x86

    e30dbd6e725f58f367f96a82b1ab07d7


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditas.dl_
    .dll regsvr32 windows:4 windows x86 arch:x86

    29b8a6cc44fe0560eb31baa7fc9d3383


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditas.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    29b8a6cc44fe0560eb31baa7fc9d3383


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditasnad.dl_
    .dll windows:4 windows x86 arch:x86

    1b8ac61f181bb9dfeb8f3f3f5f7080cf


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditasnad.dll
    .dll windows:4 windows x86 arch:x86

    1b8ac61f181bb9dfeb8f3f3f5f7080cf


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditastb.dl_
    .dll regsvr32 windows:4 windows x86 arch:x86

    1a22386a97e0a24a44132ffb047bbf74


    Code Sign


  • $PROGRAMFILES/WebEdit/webeditastb.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    1a22386a97e0a24a44132ffb047bbf74


    Code Sign


  • $TEMP/~nsis/$_4_/webeditasnad.dll
    .dll windows:4 windows x86 arch:x86

    1b8ac61f181bb9dfeb8f3f3f5f7080cf


    Code Sign


  • $WINDIR/System32/wediasvc.exe
    .exe windows:4 windows x86 arch:x86

    3fd82c8226ad0d705629f330b79c4c88


    Code Sign
