General

  • Target

    4e66c88f57f95823f4f19158f7bcdf81_JaffaCakes118

  • Size

    3.3MB

  • MD5

    4e66c88f57f95823f4f19158f7bcdf81

  • SHA1

    cb9430643cba60857def0b25e764c326d0e11501

  • SHA256

    e5db651c0c3ec73c9f1c784869193b51b7d669885b403201aeb122858f6695c4

  • SHA512

    9b7299cb72a7fee309f09a38243db5743ba50ecd403176cde11e1ef90d9a11ae4ddd31a8544a1b1bda26624e0497427df75732d385b8e489875e4220887943ca

  • SSDEEP

    98304:1ZhfwutOyL/vjnnGPcKuT+YFOrxzderbCMVHGGUc/N6HnH:pYGLzn4++YFoxzkr7VHzV/N6HH

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 4e66c88f57f95823f4f19158f7bcdf81_JaffaCakes118
    .rar
  • PYF/DB.mdb
  • PYF/EGCal.exe
    .exe windows:4 windows x86 arch:x86



  • PYF/GdiPlus.dll
    .dll windows:5 windows x86 arch:x86

    7941976a82dd7ff8b1a2ea069878fab3



  • PYF/SanPan.ini
  • PYF/Temp/SanPan.ini
  • PYF/readme.txt
  • PYF/位置图片.bmp
  • PYF/分辨率字体大小设置示意图片.bmp
  • PYF/机械设计系统3.1.exe
    .exe windows:4 windows x86 arch:x86

    da272e9bb4777d45e6ec575a6685dfdd



  • [机械设计系统3.1]keygen.exe
    .exe windows:4 windows x86 arch:x86



  • piaodown.com.txt
  • 使用说明.htm
    .html
  • 说明.txt