Overview

overview

7

Static

static

7

xp-kg.exe

windows7-x64

4

xp-kg.exe

windows10-2004-x64

4

xpepius_setup.exe

windows7-x64

7

xpepius_setup.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...nu.dll

windows7-x64

3

$PLUGINSDI...nu.dll

windows10-2004-x64

3

Help.chm

windows7-x64

1

Help.chm

windows10-2004-x64

1

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

XPepius.exe

windows7-x64

6

XPepius.exe

windows10-2004-x64

6

Sharing

Copy URL Twitter E-mail

General

  • Target

    0ef1232c9bfc28c159ae6b03f2620678_JaffaCakes118

  • Size

    839KB

  • MD5

    0ef1232c9bfc28c159ae6b03f2620678

  • SHA1

    218841efe753dd53f86beeaeb32e3f61797703ee

  • SHA256

    fc4c88b3a00af015501d5a0ea5482b609322e15ef5f4e3fb9855db9fd2144d8c

  • SHA512

    da073b765b57edb483409e285eba87e6275370276db64b871d0414bed43d0b14043560f9f923a0dac0ad4cdcfe8ba366196dd46e520dc2bcbbc69647c1815316

  • SSDEEP

    24576:2R2+K6uzO2EMRcuz3aMgY05nP+I9CfX67Fniwd2wT2WAk:s3y7FaK+nmrX67Finwgk

Score
7/10
upxaspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 0ef1232c9bfc28c159ae6b03f2620678_JaffaCakes118
    .rar
  • xp-kg.exe
    .exe windows:4 windows x86 arch:x86

    f34d5f2d4577ed6d9ceec516c1f5a744


    Headers

    Imports

    Sections

  • xpepius_setup.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    922b855d216a21490e4bcbf6c29b7f7d


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/StartMenu.dll
    .dll windows:4 windows x86 arch:x86

    7d85f9c30f9e87a65fff848de2c96ac1


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/ioCSP.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • Help.chm
    .chm
  • History.txt
  • Int.ccp
  • License.txt
  • Readme.txt
  • Register.txt
  • Soft.ccp
  • Uninstall.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • Win.ccp
  • XPepius.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • pad_file.xml
    .xml
  • 下载说明.htm
    .html .js polyglot