Overview

overview

6

Static

static

3

cr_liuyao.exe

windows7-x64

6

cr_liuyao.exe

windows10-2004-x64

6

dat/lyhelp.chm

windows7-x64

1

dat/lyhelp.chm

windows10-2004-x64

1

dat/lyzs.chm

windows7-x64

1

dat/lyzs.chm

windows10-2004-x64

1

dat/非常...��.url

windows7-x64

1

dat/非常...��.url

windows10-2004-x64

1

liuyao_f/0.rtf

windows7-x64

4

liuyao_f/0.rtf

windows10-2004-x64

1

liuyao_f/0m.rtf

windows7-x64

4

liuyao_f/0m.rtf

windows10-2004-x64

1

liuyao_f/1.rtf

windows7-x64

4

liuyao_f/1.rtf

windows10-2004-x64

1

liuyao_f/1m.rtf

windows7-x64

4

liuyao_f/1m.rtf

windows10-2004-x64

1

liuyao_f/2.rtf

windows7-x64

4

liuyao_f/2.rtf

windows10-2004-x64

1

liuyao_f/2m.rtf

windows7-x64

4

liuyao_f/2m.rtf

windows10-2004-x64

1

liuyao_f/3.rtf

windows7-x64

4

liuyao_f/3.rtf

windows10-2004-x64

1

liuyao_f/3m.rtf

windows7-x64

4

liuyao_f/3m.rtf

windows10-2004-x64

1

liuyao_f/4.rtf

windows7-x64

4

liuyao_f/4.rtf

windows10-2004-x64

1

liuyao_f/4m.rtf

windows7-x64

4

liuyao_f/4m.rtf

windows10-2004-x64

1

liuyao_f/5.rtf

windows7-x64

4

liuyao_f/5.rtf

windows10-2004-x64

1

liuyao_f/5m.rtf

windows7-x64

4

liuyao_f/5m.rtf

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    216395dfc123f10507604f2bc4a4d08f_JaffaCakes118

  • Size

    774KB

  • MD5

    216395dfc123f10507604f2bc4a4d08f

  • SHA1

    e6a4bb4c93415eeb2aa7f0ba85ca000cd6cbcea7

  • SHA256

    dcebb83ec56a172f3b01f50150e347118fc956105590374be12021b01aff68dc

  • SHA512

    28805472230147dd3abe15eea9cf9f068737aceb06926834cfedd922d6a601b4b25d1c2b83b070ab09d2a6b707334e59ca7c35ccc536e8ddaacc74ccf3d74eda

  • SSDEEP

    12288:gMkulTeYq1D3/xQhAzRegdlK4W7EvTnx+ZF5eApuP6SwQgUTNB3pykcfcZcm5cj8:gMkeqjDvGMRWYrnUEyk6GTvu4he8

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 216395dfc123f10507604f2bc4a4d08f_JaffaCakes118
    .rar
  • cr_liuyao.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • dat/hzlen.dat
  • dat/liuyao0.dat
  • dat/lyhelp.chm
    .chm
  • dat/lyinit.ini
  • dat/lypic.BMP
  • dat/lyzs.chm
    .chm
  • dat/meihy.dat
  • dat/zazhan.txt
  • dat/下载说明.htm
    .html .js polyglot
  • dat/安装说明.txt
  • dat/非常世纪资源网.url
    .url
  • liuyao_f/0.rtf
    .rtf
  • liuyao_f/0m.rtf
    .rtf
  • liuyao_f/1.rtf
    .rtf
  • liuyao_f/1m.rtf
    .rtf
  • liuyao_f/2.rtf
    .rtf
  • liuyao_f/2m.rtf
    .rtf
  • liuyao_f/3.rtf
    .rtf
  • liuyao_f/3m.rtf
    .rtf
  • liuyao_f/4.rtf
    .rtf
  • liuyao_f/4m.rtf
    .rtf
  • liuyao_f/5.rtf
    .rtf
  • liuyao_f/5m.rtf
    .rtf
  • liuyao_f/下载说明.htm
    .html .js polyglot
  • liuyao_f/非常世纪资源网.url
    .url
  • 下载说明.htm
    .html .js polyglot
  • 非常世纪资源网.url
    .url