Overview

overview

8

Static

static

7

小林子�...��.url

windows7-x64

1

小林子�...��.url

windows10-2004-x64

1

龙天辅�...lt.exe

windows7-x64

7

龙天辅�...lt.exe

windows10-2004-x64

7

龙天辅�...r2.exe

windows7-x64

7

龙天辅�...r2.exe

windows10-2004-x64

7

龙天辅�....1.exe

windows7-x64

8

龙天辅�....1.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    47230447c74b072801eb3c7a74ed85e1_JaffaCakes118

  • Size

    10.0MB

  • MD5

    47230447c74b072801eb3c7a74ed85e1

  • SHA1

    22c04d37ad8883cf436df4bf2a82eff08a91c2e5

  • SHA256

    21e1b08aed511a9af4b10c478bb984527dfb9103d54bdc6c7a3988ed0e21a27a

  • SHA512

    d4ac247a44d41f5caddab9b104012935bf65bf463c64d36d354fdf18df47ff20abb1ed2015b773bee1bf4e1354aacc2aa905dcfec21eb9cef910e918b955c810

  • SSDEEP

    196608:4M1giCs7kZFgVQiYddU33ie18VQ6FMqsC50wx6s1PEeBP:OiC8kZFgVQiIu335iWAh0g6epBP

Score
7/10
upxvmprotect

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 47230447c74b072801eb3c7a74ed85e1_JaffaCakes118
    .rar
  • 小林子游戏网.url
  • 龙天辅助免费版/lt.dat
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 龙天辅助免费版/mir2.dat
    .exe windows:5 windows x86 arch:x86

    2698a05f2079022ef86b916087a081e0


    Headers

    Imports

    Sections

  • 龙天辅助免费版/反外挂登录器开法.txt
  • 龙天辅助免费版/龙天辅助3.1.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections