General

  • Target

    2a8236ec9135d4d57b0ca86bb5d4f097_JaffaCakes118

  • Size

    1.2MB

  • MD5

    2a8236ec9135d4d57b0ca86bb5d4f097

  • SHA1

    805e5462764b08d5a3d47dbd55194fa716e80790

  • SHA256

    9746c340bf7d7e69603fdd64dd5e5790be794b9ac4ecf84640fb46feae27eca0

  • SHA512

    f0f168be40f3042a7d179228aa4a7646fad43fa404f71a7fe18338ca65d5e5b6d2f1044b3429965052db608b0672a4dd138f57855a4714cb689fcad8aff34575

  • SSDEEP

    24576:XoQG2mHq60Jd9pDKCpmAnL3ccGon8ggEbYzxdOBLs2Y1tV5Xi4K6T:Yn30DvDKetjccDn8YbJY2YLGE

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 2a8236ec9135d4d57b0ca86bb5d4f097_JaffaCakes118
    .rar
  • wmsj-jgb/jgbwg1.692/155绿色软件站.url
    .url
  • wmsj-jgb/jgbwg1.692/Config/default.ini
  • wmsj-jgb/jgbwg1.692/Script/29自动修真.txt
  • wmsj-jgb/jgbwg1.692/Script/MG.txt
  • wmsj-jgb/jgbwg1.692/Script/default.txt
  • wmsj-jgb/jgbwg1.692/Script/别墅脚本传送版.txt
  • wmsj-jgb/jgbwg1.692/Script/别墅脚本飞行版.txt
  • wmsj-jgb/jgbwg1.692/Script/平魔任务.txt
  • wmsj-jgb/jgbwg1.692/Script/赏善罚恶任务.txt
  • wmsj-jgb/jgbwg1.692/Script/飞行回城买卖.txt
  • wmsj-jgb/jgbwg1.692/alarm.wav
  • wmsj-jgb/jgbwg1.692/end.cmd
  • wmsj-jgb/jgbwg1.692/jgbwg.exe
    .exe windows:4 windows x86 arch:x86


  • wmsj-jgb/jgbwg1.692/safemon.dll
    .dll windows:5 windows x86 arch:x86


  • wmsj-jgb/jgbwg1.692/脚本说明.txt