General

  • Target

    48ec21a5d90d2b17d2554a01039df593_JaffaCakes118

  • Size

    1.5MB

  • MD5

    48ec21a5d90d2b17d2554a01039df593

  • SHA1

    a2da549fc1ae0b5bf255046f713054cbadc954e3

  • SHA256

    1cfd5ea3b2276726d96e5963b10625e84c396a28ed139cbf29c9cf9c2c46f4db

  • SHA512

    99c90d61d4b8d5227af33b11ade15d5c5bb948fde931e6ac5f8b0ae1e46a8006075435595c547f1316f112c0c729e3e9fba803bfe606ff623833a1c8f4c63814

  • SSDEEP

    49152:ziLkBPO4zt8cTor0hCuWcMuSLuuhBZBcpoTbSQ:ziLCm4ZTor0ouWcMLL0pWT

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 48ec21a5d90d2b17d2554a01039df593_JaffaCakes118
    .rar
  • kksjfgfdv9_piaodown/可可v9.5数据抓取工具/可可v9.5数据抓取工具.exe
    .exe windows:4 windows x86 arch:x86

    37c28990bbb4cad0e8a6b1f5bfd3ede1


  • kksjfgfdv9_piaodown/可可v9.5数据抓取工具/更多软件下载.url
  • kksjfgfdv9_piaodown/可可v9.5数据抓取工具/飘荡软件.url
    .url