dialog
initDialog
show
General
-
Target
24b06cf8c84fcb5e8e05f976a227923e_JaffaCakes118
-
Size
281KB
-
MD5
24b06cf8c84fcb5e8e05f976a227923e
-
SHA1
207b4713304b1236cd9956cad7c77e842a47f001
-
SHA256
d2bc8d01b79e6d96cdbf0ec55fbf4ebc8d3184df254d9a5af2dcfa8e099f51d1
-
SHA512
ac4a29e25e26d19f32d81b2c117dc921a69b2445115f3a2816ac6cc8e1f317cecbc1501cff2bfe076721fe0485e0a320ec714897cffcd5aff5e9809248ae7b33
-
SSDEEP
6144:iJgaWgScQj8JcWCAiplVSIuDgB/+kU24LIDAiqqhcnnoS0:KCcXEFYIEe+kUJMA7oF
Score
7/10
Malware Config
Signatures
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
Files
-
24b06cf8c84fcb5e8e05f976a227923e_JaffaCakes118
Headers
Sections
-
$PLUGINSDIR/InstallOptions.dll
57354bdeea3dfae6e948101add87501a
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
YOK.ico
-
barcfg.ini
-
image/$R0
c557ddb9670a1b1585114b50c204bdaa
Headers
Imports
Sections
-
image/HighLight.bmp
-
image/adblockd.bmp
-
image/adblockn.bmp
-
image/baidu.bmp
-
image/books.bmp
-
image/business.bmp
-
image/favorites.bmp
-
image/flash.bmp
-
image/forums.bmp
-
image/games.bmp
-
image/google.bmp
-
image/iask.bmp
-
image/logo_hot.bmp
-
image/map.bmp
-
image/more.bmp
-
image/movies.bmp
-
image/music.bmp
-
image/news.bmp
-
image/pictures.bmp
-
image/search.bmp
-
image/shopping.bmp
-
image/softwares.bmp
-
image/sogou.bmp
-
image/stories.bmp
-
image/tool.bmp
-
image/tools.bmp
-
image/yisou.bmp
-
image/zhongsou.bmp
-
out.upx
Headers
Sections
-
search.ini
-
yoksch.htm