General

  • Target

    24de19bb3668e013918f062063187a03_JaffaCakes118

  • Size

    346KB

  • MD5

    24de19bb3668e013918f062063187a03

  • SHA1

    091ea9346c4b5c178acf46b616d6a3b3e4f36fa4

  • SHA256

    538c68a47f67c2966fd821a636e2018855f7ec3992289a8de749f0a7a7cd9cb2

  • SHA512

    404c13efadcbefcc970ddf62050fcbb50dd6b01d68903219099a25fd89b979d2316de5e51d90f16acb4ae0813044cb091792a480a4b7018dc0793183fd0daffb

  • SSDEEP

    6144:J72M282UF3MvNIYSGh17pII6jykoBHeqCHsGZHoM+Kcq2M1JZ/u+8JLhuonktgqG:J749U98h68BHeqCHsGZKIhun5h/kt3G

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 37 IoCs

    Checks for missing Authenticode signature.

Files

  • 24de19bb3668e013918f062063187a03_JaffaCakes118
    .rar
  • lordpe/16Edit.DLL
    .dll windows:4 windows x86 arch:x86



  • out.upx
    .dll windows:4 windows x86 arch:x86



  • lordpe/LDE/Cooldump.exe
    .exe windows:4 windows x86 arch:x86



  • lordpe/LDE/Genoep.dll
    .dll windows:4 windows x86 arch:x86



  • lordpe/LDE/IntelliDump.LDE
    .dll windows:4 windows x86 arch:x86

    cd4f4f57932a96a8ea7047435b5053ea



  • lordpe/LDE/LDELoad.log
  • lordpe/LDS_Clients/CoolDump1.4/Cooldump.exe
    .exe windows:4 windows x86 arch:x86



  • lordpe/LDS_Clients/CoolDump1.4/File_id.diz
  • lordpe/LDS_Clients/CoolDump1.4/Genoep.dll
    .dll windows:4 windows x86 arch:x86



  • lordpe/LDS_Clients/CoolDump1.4/Ug2002.nfo
  • lordpe/LDS_Clients/CoolDump1.4/Ug2003.nfo
  • lordpe/LordPE.EXE
    .exe windows:4 windows x86 arch:x86

    af5a2557d1d5daaaf732f8a12ba06a54



  • lordpe/LordPE.iNi
  • lordpe/Misc/16Edit.exe
    .exe windows:4 windows x86 arch:x86

    3915ab2aa57cdef4a874beac32a99f23



  • lordpe/Misc/16Edit.tXt
    .vbs
  • lordpe/Misc/LordElf.exe
    .exe windows:4 windows x86 arch:x86

    dbdc13e9fe4048ca29db8f14af5cf58b



  • lordpe/Misc/LordElf.tXt
  • lordpe/Misc/MetaPuck.exe
    .exe windows:4 windows x86 arch:x86

    65076f412a3c0a389d46177e0a3683a8



  • lordpe/Misc/MetaPuck.tXt
  • lordpe/Misc/PESnoop.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • lordpe/Misc/PESnoop.tXt
  • lordpe/Misc/RunKMD.exe
    .exe windows:4 windows x86 arch:x86

    7b700cb395c90c9431168f9449d5c73b



  • lordpe/Misc/RunKMD.tXt
  • lordpe/Misc/RunVxD.exe
    .exe windows:4 windows x86 arch:x86

    6d8a5c23ea76c87325f0ffaa3e930d27



  • lordpe/Misc/RunVxD.tXt
  • lordpe/Misc/SoftSnoop/APISnoop.dll
    .dll windows:4 windows x86 arch:x86

    189541063a68896fdad9c98b6d5f6307



  • lordpe/Misc/SoftSnoop/ApiDef/Kernel32.ss
  • lordpe/Misc/SoftSnoop/ApiDef/SS.TXT
  • lordpe/Misc/SoftSnoop/ApiDef/User32.ss
  • lordpe/Misc/SoftSnoop/ForceLibrary.dll
    .dll windows:4 windows x86 arch:x86

    381e752d4cf0389f7eb35922ca5268a9



  • lordpe/Misc/SoftSnoop/Plugins/HelloWorld.dll
    .dll windows:4 windows x86 arch:x86

    404e4d51a749c64c9e3db149fe6af736



  • lordpe/Misc/SoftSnoop/Plugins/MsgHook.dll
    .dll windows:4 windows x86 arch:x86

    ddaedee7bea36e496fe1dc768c43d7e8



  • lordpe/Misc/SoftSnoop/Plugins/PluginExp3.dll
    .dll windows:1 windows x86 arch:x86



  • lordpe/Misc/SoftSnoop/Plugins/TestMe.exe
    .exe windows:4 windows x86 arch:x86

    98c88d882f01a3f6ac1e5f7dfd761624



  • lordpe/Misc/SoftSnoop/SoftSnoop.exe
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86



  • lordpe/Misc/SoftSnoop/SoftSnoop.tXt
  • lordpe/Misc/yPER.exe
    .exe windows:4 windows x86 arch:x86

    b74a6218943cbdab2ffd30749e228d8b



  • lordpe/Misc/yPER.tXt
  • lordpe/PROCS.DLL
    .dll windows:4 windows x86 arch:x86

    671e5d05e30b558e7b4fab82758cac2b



  • lordpe/PROTOOLS.COM
  • lordpe/PSAPI.DLL
    .dll windows:5 windows x86 arch:x86

    264476cbdcf6020ccd69c92bbd24050f



  • lordpe/REALIGN.DLL
    .dll windows:4 windows x86 arch:x86

    843d4acd52668b581fd295da850eeceb



  • lordpe/RunLDS.BAT
  • lordpe/SDK/16Edit/16Edit.cs
  • lordpe/SDK/16Edit/16Edit.def
  • lordpe/SDK/16Edit/16EditDll.INC
  • lordpe/SDK/16Edit/16EditDll.bas
  • lordpe/SDK/16Edit/16EditDll.h
  • lordpe/SDK/16Edit/APIs.tXt
  • lordpe/SDK/16Edit/B_16Edit.lib
  • lordpe/SDK/16Edit/HEditDll.pas
    .js
  • lordpe/SDK/16Edit/MS_16Edit.lib
  • lordpe/SDK/16Edit/TOC.tXt
  • lordpe/SDK/LordPE/LDE/IntelliDump/IntelliDump.DEF
  • lordpe/SDK/LordPE/LDE/IntelliDump/IntelliDump.c
  • lordpe/SDK/LordPE/LDE/IntelliDump/IntelliDump.dsp
  • lordpe/SDK/LordPE/LDE/IntelliDump/IntelliDump.mak
  • lordpe/SDK/LordPE/LDE/LDE.tXt
  • lordpe/SDK/LordPE/LDS/Examples/ASM/LDS_LoadDump.bat
  • lordpe/SDK/LordPE/LDS/Examples/C/Plugin.c
  • lordpe/SDK/LordPE/LDS/Examples/C/Plugin.dsp
  • lordpe/SDK/LordPE/LDS/Examples/C/Plugin.mak
  • lordpe/SDK/LordPE/LDS/Examples/C/resource.h
  • lordpe/SDK/LordPE/LDS/Examples/C/rsrc.rc
  • lordpe/SDK/LordPE/LDS/Examples/CS/App.ico
  • lordpe/SDK/LordPE/LDS/Examples/CS/AssemblyInfo.cs
  • lordpe/SDK/LordPE/LDS/Examples/CS/Form1.cs
  • lordpe/SDK/LordPE/LDS/Examples/CS/Form1.resx
    .vbs .xml polyglot
  • lordpe/SDK/LordPE/LDS/Examples/CS/LDSChat.csproj
  • lordpe/SDK/LordPE/LDS/Examples/CS/LDSChat.csproj.user
  • lordpe/SDK/LordPE/LDS/Examples/CS/LDSChat.sln
  • lordpe/SDK/LordPE/LDS/Examples/CallModMem.EXE
    .exe windows:4 windows x86 arch:x86



  • lordpe/SDK/LordPE/LDS/Examples/Delphi/FindLDSAndLaunch4Delphi.dpr
  • lordpe/SDK/LordPE/LDS/Examples/Delphi/LDS_DmpTst.dpr
  • lordpe/SDK/LordPE/LDS/Examples/Delphi/LDS_VerPid.dpr
  • lordpe/SDK/LordPE/LDS/Examples/LDSChat.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744



  • lordpe/SDK/LordPE/LDS/Examples/LDS_DmpTst.exe
    .exe windows:4 windows x86 arch:x86



  • lordpe/SDK/LordPE/LDS/Examples/LDS_LoadDump.exe
    .exe windows:4 windows x86 arch:x86

    37233ab54761e227db351e9a7c77f7d2



  • lordpe/SDK/LordPE/LDS/Examples/LDS_TaskViewer.exe
    .exe windows:4 windows x86 arch:x86

    6b1649ca6b76d36e4f75bd013074d178



  • lordpe/SDK/LordPE/LDS/Examples/LDS_VerPid.exe
    .exe windows:4 windows x86 arch:x86



  • lordpe/SDK/LordPE/LDS/INC/LDS.INC
  • lordpe/SDK/LordPE/LDS/INC/LDS.bas
  • lordpe/SDK/LordPE/LDS/INC/LDS.cs
  • lordpe/SDK/LordPE/LDS/INC/LDS.h
  • lordpe/SDK/LordPE/LDS/INC/LDS.ni
  • lordpe/SDK/LordPE/LDS/INC/LDS.pas
  • lordpe/SDK/LordPE/LDS/LDS.tXt
  • lordpe/SDK/SoftSnoop/PluginExp1/PluginExp1.c
  • lordpe/SDK/SoftSnoop/PluginExp1/PluginExp1.def
  • lordpe/SDK/SoftSnoop/PluginExp1/PluginExp1.dsp
  • lordpe/SDK/SoftSnoop/PluginExp2/BUILD.BAT
  • lordpe/SDK/SoftSnoop/PluginExp2/BUILD.PIF
  • lordpe/SDK/SoftSnoop/PluginExp2/MsgHook.ASM
  • lordpe/SDK/SoftSnoop/PluginExp2/RESOURCE.INC
  • lordpe/SDK/SoftSnoop/PluginExp2/Rsrc.res
  • lordpe/SDK/SoftSnoop/PluginExp3/PluginExp3.dpr
  • lordpe/SDK/SoftSnoop/PluginExp3/RSRC.RES
  • lordpe/SDK/SoftSnoop/Plugins.tXt
  • lordpe/SDK/SoftSnoop/SSPlugin.INC
  • lordpe/SDK/SoftSnoop/SSPlugin.pas
    .js
  • lordpe/SDK/SoftSnoop/SSplugin.h
  • lordpe/SDK/procsDLL/examples/EXP1Out.BAT
  • lordpe/SDK/procsDLL/examples/UseProcs1.exe
    .exe windows:4 windows x86 arch:x86

    65d36d8a9354e322365bcbf93be3d18c



  • lordpe/SDK/procsDLL/examples/useprocs1/CONSOLE.INC
  • lordpe/SDK/procsDLL/examples/useprocs1/MAKE.BAT
  • lordpe/SDK/procsDLL/examples/useprocs1/MAKE.PIF
  • lordpe/SDK/procsDLL/examples/useprocs1/UseProcs1.ASM
  • lordpe/SDK/procsDLL/examples/useprocs2.exe
    .exe windows:4 windows x86 arch:x86

    e2f259fab986c39d43d603ee27c60f81



  • lordpe/SDK/procsDLL/examples/useprocs2/USEPROCS.C
  • lordpe/SDK/procsDLL/examples/useprocs2/UseProcs2.dsw
  • lordpe/SDK/procsDLL/examples/useprocs2/useprocs2.dsp
  • lordpe/SDK/procsDLL/procs.INC
  • lordpe/SDK/procsDLL/procs.chm
    .chm
  • lordpe/SDK/procsDLL/procs.h
  • lordpe/SDK/procsDLL/procs.lib
  • lordpe/SDK/realignDLL/Realign.h
  • lordpe/SDK/realignDLL/realign.lib
  • lordpe/Thief/PE Explorer.tXt
  • lordpe/Thief/TDS_Adjuster.jpg
    .jpg
  • lordpe/TrapDll.exe
    .exe windows:4 windows x86 arch:x86

    2c66707ee126f64a912ba629873148d1



  • lordpe/URLs/.NET Framework.URL
  • lordpe/URLs/16Edit FX-package.url
  • lordpe/URLs/yoda's home.url
  • lordpe/docs/EndOfCommerce.tXt
  • lordpe/docs/History.tXt
  • lordpe/docs/LDE.tXt
  • lordpe/docs/LDS.tXt
  • lordpe/docs/License.tXt
  • lordpe/docs/LordPE.tXt
  • lordpe/docs/ToDo.tXt
  • lordpe/il018/il018/iceload.asm
  • lordpe/il018/il018/iceload.exe
    .exe windows:4 windows x86 arch:x86

    13ca6fcf1e8be720fd2c8c18e8bccf35



  • lordpe/il018/il018/iceload.txt
  • lordpe/il018/il018/inc/iceload.inc
  • lordpe/il018/il018/inc/nmtrans.inc
  • lordpe/il018/il018/lib/nmtrans.lib
  • lordpe/il018/il018/makefile
  • lordpe/il018/il018/ntice.txt
  • lordpe/il018/il018/rsrc/iceload.ico
  • lordpe/il018/il018/rsrc/icersrc.dlg
  • lordpe/il018/il018/rsrc/icersrc.h
  • lordpe/il018/il018/rsrc/icersrc.res
  • lordpe/il018/il018/rsrc/toolbar.bmp