General

  • Target

    4eae8bf1ea7fe576f422f3c6507ceb74_JaffaCakes118

  • Size

    2.8MB

  • MD5

    4eae8bf1ea7fe576f422f3c6507ceb74

  • SHA1

    a56b26536d016c88c9439813f2febc9a501c3c59

  • SHA256

    760b33c7221ced1e48895ad953e5ac14ae189641bb29281dcc43b205cfb9da12

  • SHA512

    e53bd2249310b225e0729881f3bddccfe2374e9998625c9b1e042f843908e238a1c712e9e54f50c05df4e8512697f59903984576c18ce079f4e4a21e7d311d0a

  • SSDEEP

    49152:al3PWRs8HWRQSAXoB6bTIF2EB6aN600Y/v/BWbNk10rRLrmFbAtXblR6DzGWPEgL:apPssame26bTIF2E1603cO4ztXhR6DzN

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4eae8bf1ea7fe576f422f3c6507ceb74_JaffaCakes118
    .rar
  • 后台刷屏工具.exe
    .exe windows:5 windows x86 arch:x86

    44ebb55975abc0d671688e90c5241840



  • 河源下载站-cngr.cn.url
    .url
  • 淘宝热卖.url
    .url