General

  • Target

    8bb1fcc159bbd4fd6027c79493964a2f_JaffaCakes118

  • Size

    1.4MB

  • MD5

    8bb1fcc159bbd4fd6027c79493964a2f

  • SHA1

    e2e952859f865fca5ab825558efb56a58d7d77c4

  • SHA256

    90ccc3298ea7c44eb664e312524e5b3244654323b685ac138ded72e2de811dda

  • SHA512

    b5b54724cb2ad8fe5d2cb27bbf24b7ee2af2823788b7fb3c102c6b50b41b9be20f19944b7dfa58058da89c55630a2fc320e1c969634a888a7ff512e58880ddd8

  • SSDEEP

    24576:tGTVdxRDS7iORkzmLxc7SPFFrKNLM2oKCAu5vDj875AOX6I1jW3nToAg0CFFlUh:8HxJS7iOImLFFVKNM2NCAsK5AOX6sMsS

Score
7/10

Malware Config

Signatures

  • VMProtect packed file (1 IoC)

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 8bb1fcc159bbd4fd6027c79493964a2f_JaffaCakes118
    .zip
  • 东坡下载.url
    .url
  • 东坡下载说明.txt
  • 喜马拉雅下载地址获取1.0.exe
    .exe windows:5 windows x86 arch:x86

    7e6ac65dcfed4000bdfc99ee2c989203

