General

  • Target

    2af5e5f0957640474a94b643e95e8230_JaffaCakes118

  • Size

    8.3MB

  • MD5

    2af5e5f0957640474a94b643e95e8230

  • SHA1

    d4fcd9ae686798d2eaf615cf58e273ebf5905625

  • SHA256

    e48e0a2dc37933cbb1d5628fefee64264018dda63107f11342438cf2b0bce3c9

  • SHA512

    ee954c1916858dced5180825ddcb689d1836ce8d132d969e779fcc6a445e8c4ff05054fd288d597946182c91ccf270e2d1efe6bb73dc9aedb7adff872705820e

  • SSDEEP

    196608:ItSs2cC1rC1rry5yB8ACoMGbyjXa/FOXRBc04jgwUY:MVOyPCoMGjFOXz0l

Score
3/10

Malware Config

Signatures

  • Unsigned PE 48 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 2af5e5f0957640474a94b643e95e8230_JaffaCakes118
    .rar
  • GuoDongSetup-1.2.6.0.exe
    .exe windows:4 windows x86 arch:x86

    dfb06052e74b26a42b0e490bd1c07959


    Code Sign

  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    0b51ce6ce6bf8d5c68b3ea9f3ac1bf2c


  • $PLUGINSDIR/afterinstall.ini
  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/msnPlugin.dll
    .dll windows:4 windows x86 arch:x86

    035e22581576c74e15fedc8156990d52


  • $PLUGINSDIR/registry.dll
    .dll windows:4 windows x86 arch:x86

    cd53277eaa7bbb8fb5b2b678274dcb4e


  • $PLUGINSDIR/test.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    c6688d44f6dcaecb184cc7a4aa417e83


  • ETAppSystem.dll
    .dll windows:4 windows x86 arch:x86

    1feb3f483f3c8a2f0881ee485a77aad4


  • ETDA.dll
    .dll windows:4 windows x86 arch:x86

    e9f3dc5e69bcf7e6e71dff0f03d126a8


  • ETDebug.dll
    .dll windows:4 windows x86 arch:x86

    82d25237b7517f535ce6d3660e968cbf


  • ETEffect.dll
    .dll windows:4 windows x86 arch:x86

    dd795743cd4e10b1ee0e89b074a14a51


  • ETForePlugin.dll
    .dll windows:4 windows x86 arch:x86

    777fe6d262dd40bb1f44d40a349c0d9a


    Code Sign

  • ETGLSystem.dll
    .dll windows:4 windows x86 arch:x86

    1a489bf0a5294bad16def5bcef1c0e5a


  • ETImage.dll
    .dll windows:4 windows x86 arch:x86

    396f9233059ae786c474f7d960ef8d16


  • ETMA.dll
    .dll windows:4 windows x86 arch:x86

    eeee437ae139079b265ac61e4cb24a44


  • ETPA.dll
    .dll windows:4 windows x86 arch:x86

    5a77c3879fdc7dcdf6bc53219231d7bd


  • ETShare.dll
    .dll windows:4 windows x86 arch:x86

    295d529e884baff68a4f2c5b8116be3b


  • ForeWnd.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    f88625b2d36dce958226bad2fdb936a1


    Code Sign

  • GuoDongCenter.exe
    .exe windows:4 windows x86 arch:x86

    dd752ba894b95e1d1dd3413bffa0e857


    Code Sign

  • GuoDongConfig.exe
    .exe windows:4 windows x86 arch:x86

    fae9421b867101a58fe51663a904ce9e


    Code Sign

  • GuoDongDownloader.exe
    .exe windows:4 windows x86 arch:x86

    59f9a85afaa7e0a7c43cfa0ad8d2da39


    Code Sign

  • GuoDongPatcher.exe
    .exe windows:4 windows x86 arch:x86

    94bd2a73a8610ea61ae9650ee453f6a8


    Code Sign

  • GuoDongReporter.exe
    .exe windows:4 windows x86 arch:x86

    7c81952ce906d17ff504a7b176b02255


    Code Sign

  • MemoryManager.dll
    .dll windows:4 windows x86 arch:x86

    04ca25acae1244a1018d126159e56869


  • StrTable.dat
  • center.ico
  • config.ini
  • crashinfo.ini
  • crossguiLibRelease.dll
    .dll windows:4 windows x86 arch:x86

    34e3574633df34d9cd9a4a0e6e2581db


  • d3dx9_30.dll
    .dll windows:5 windows x86 arch:x86

    59e53f314b9521292a6438b9b55f6ef0


    Code Sign

  • dbghelp.dll
    .dll windows:5 windows x86 arch:x86

    42cfa6142c38112bdaffa05fb22db82e


  • eteng/CK2.dll
    .dll windows:4 windows x86 arch:x86

    bcecc0b2659804bfa4b93f30e24420ed


  • eteng/CKZlib.dll
    .dll windows:4 windows x86 arch:x86

    8c31bfbe2ac1c8e4370fdb23356385d7


  • eteng/ET3DSystem.dll
    .dll windows:4 windows x86 arch:x86

    f8fb51cf4ff2a9183d11d777099cd9b5


  • eteng/Plugins/DDSReader.dll
    .dll windows:4 windows x86 arch:x86

    61055a572dbed0fd2e7b0f47f04bb265


  • eteng/Plugins/ImageReader.dll
    .dll windows:4 windows x86 arch:x86

    608adc4ea78749d45e14ecca0da13958


  • eteng/Plugins/JpgLoader.dll
    .dll windows:4 windows x86 arch:x86

    910a8947107c44afc339665f639abad9


  • eteng/Plugins/PngLoader.dll
    .dll windows:4 windows x86 arch:x86

    270621c9a7ea34c9c6d033c88878df8d


  • eteng/Plugins/VirtoolsLoader.dll
    .dll windows:4 windows x86 arch:x86

    b3057b083c17f25a14f5b39818f9128a


  • eteng/Plugins/WavReader.dll
    .dll windows:4 windows x86 arch:x86

    3376e9a8d28b936f96ba9aeb76dff1df


  • eteng/VSLRT.dll
    .dll windows:4 windows x86 arch:x86

    f80e9389a76e9e8ff1b525fb450ee5c8


  • eteng/VxMath.dll
    .dll windows:4 windows x86 arch:x86

    88c6d5ed9d4b5fc2602649d8c0e7e617


  • eteng/buildingblocks/3DTransfo.dll
    .dll windows:4 windows x86 arch:x86

    553a368dfb97028346098eae6e65b1cd


  • eteng/buildingblocks/Collisions.dll
    .dll windows:4 windows x86 arch:x86

    658bb2bb2e6771cd265b73c16ebe8fdf


  • eteng/buildingblocks/Materials.dll
    .dll windows:4 windows x86 arch:x86

    2511a9a3508b420cd829aab2085838b9


  • eteng/buildingblocks/ParticleSystems.dll
    .dll windows:4 windows x86 arch:x86

    e72bdb84ec48c5877164c94e65a7446c


  • eteng/main.dat
  • eteng/managers/CKFEMgr.dll
    .dll windows:4 windows x86 arch:x86

    cdeef65efada872b2358c25e66208fee


  • eteng/managers/DX7SoundManager.dll
    .dll windows:4 windows x86 arch:x86

    8eb3d65f4e4bbfb3d683b531c35f23bf


  • eteng/managers/Dx5InputManager.dll
    .dll windows:4 windows x86 arch:x86

    3df49bb2edb6174b009e8d684cb4f8f7


  • eteng/managers/ParameterOperations.dll
    .dll windows:4 windows x86 arch:x86

    4ae10db056c9891437b1aa4d1d6a55ae


  • eteng/managers/VSLManager.dll
    .dll windows:4 windows x86 arch:x86

    dcb7b7f654fd7388b59eab7254eddf6f


  • eteng/renderengines/CK2_3D.dll
    .dll windows:4 windows x86 arch:x86

    d69865de83477ecdd3721138671d18cf


  • eteng/renderengines/CKDX9Rasterizer.dll
    .dll windows:4 windows x86 arch:x86

    ea44fc4fe5ec8be627adacfab9d50054


  • eteng/tangsong/VTExt.dll
    .dll windows:4 windows x86 arch:x86

    cefb72ee048e78db52cf9899c09cb1ad


  • etgls/ETGL3DModule.dll
    .dll windows:4 windows x86 arch:x86

    9ba4953a1e41b3facce7aed1e5cf616c


  • etgls/ETGLResMod.dll
    .dll windows:4 windows x86 arch:x86

    28bb8b8a5a7d5b75541037a1cff0bf1e


  • etgls/ETGLUI.dll
    .dll windows:4 windows x86 arch:x86

    78e3a11691070c837514ae9fbe4a57f7


  • loading.jpg
    .jpg
  • messenger/GuoDongIM.exe
    .exe windows:4 windows x86 arch:x86

    89611c687db2cf41d92cb12c1a7a6040


    Code Sign

  • messenger/IMClientCom.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    289bd1b1a90a61b8701e82a039e62b24


  • messenger/IMConfig.ini
  • messenger/IMSetting.ini
  • messenger/crashinfo.ini
  • messenger/gloox.dll
    .dll windows:4 windows x86 arch:x86

    5b9abbbf72189348f6f375b6a02b035c


  • resource/apps/ETAvatarApp.dll
    .dll windows:4 windows x86 arch:x86

    ac7b4a2c223dcd6e52fca004dd9ee1fc


  • resource/apps/ETBuildingSceneApp.dll
    .dll windows:4 windows x86 arch:x86

    23f186c592eeac22460dbea4411f00cf


  • resource/apps/ETSnsChatApp.dll
    .dll windows:4 windows x86 arch:x86

    465b6645971df52771ce464c7ba88324


  • resource/avatarcfg/2DFront.txt
  • resource/avatarcfg/3DItem.txt
  • resource/avatarcfg/ActMulti.txt
  • resource/avatarcfg/ActSingleMan.txt
  • resource/avatarcfg/ActSingleWoman.txt
  • resource/avatarcfg/ActionID.txt
  • resource/avatarcfg/ActionType.xml
    .xml
  • resource/avatarcfg/AnimationID.txt
  • resource/avatarcfg/AvatarAppBackGround.txt
  • resource/avatarcfg/CameraCurve.xml
    .xml
  • resource/avatarcfg/ChaTex.txt
  • resource/avatarcfg/MORPH_F.txt
  • resource/avatarcfg/MORPH_M.txt
  • resource/avatarcfg/MoveMent.xml
    .xml
  • resource/avatarcfg/TDItem.xml
    .xml
  • resource/avatarcfg/UnfurItem.xml
    .xml
  • resource/avatarcfg/bipname_man.txt
  • resource/avatarcfg/bipname_woman.txt
  • resource/avatarcfg/blendtype.txt
  • resource/avatarcfg/boneinfoID.txt
  • resource/avatarcfg/clothbox_shoot_act_f.txt
  • resource/avatarcfg/clothbox_shoot_act_m.txt
  • resource/avatarcfg/colorpart.txt
  • resource/avatarcfg/doubleoffset_f.txt
  • resource/avatarcfg/doubleoffset_m.txt
  • resource/avatarcfg/itemresid.txt
  • resource/avatarcfg/localversion.ver
  • resource/avatarcfg/localversion.ver.ver
  • resource/avatarcfg/normalani_f.txt
  • resource/avatarcfg/normalani_m.txt
  • resource/avatarcfg/randcharpar_f.txt
  • resource/avatarcfg/randcharpar_m.txt
  • resource/avatarcfg/randmorph.txt
  • resource/avatarcfg/relatbones.txt
  • resource/avatarcfg/version.ver
  • resource/avatarcfg/version.ver.ver
  • resource/chat/config/scene.txt
  • resource/chat/config/version.ver
  • resource/chat/config/version.ver.ver
  • resource/effect/script/111.efx
  • resource/effect/script/ID_VFX_test.efx
  • resource/effect/script/azaojis.efx
  • resource/effect/script/localversion.ver
  • resource/effect/script/localversion.ver.ver
  • resource/effect/script/version.ver
  • resource/effect/script/version.ver.ver
  • resource/folderconfig.ini
  • resource/ui/avatar.cfg
  • resource/ui/imageset/avatarapp/CameraPanel.lua
  • resource/ui/imageset/avatarapp/CameraPanel.xml
  • resource/ui/imageset/avatarapp/ChatToolTip.xml
  • resource/ui/imageset/avatarapp/avatarhelp.lua
  • resource/ui/imageset/avatarapp/avatarhelp.xml
  • resource/ui/imageset/avatarapp/avatarmain.lua
  • resource/ui/imageset/avatarapp/avatarmain.xml
  • resource/ui/imageset/avatarapp/window/avatarcam.imageset
  • resource/ui/imageset/avatarapp/window/avatarcam.png
    .png
  • resource/ui/imageset/avatarapp/window/avatarhelp.imageset
  • resource/ui/imageset/avatarapp/window/avatarhelp.png
    .png
  • resource/ui/imageset/avatarapp/window/avatarhelpb.imageset
  • resource/ui/imageset/avatarapp/window/avatarhelpb.png
    .png
  • resource/ui/imageset/avatarapp/window/lishu_14.font
  • resource/ui/imageset/avatarapp/window/myfont.font
  • resource/ui/imageset/avatarapp/window/mywindows.imageset
  • resource/ui/imageset/avatarapp/window/mywindows.layout
    .xml
  • resource/ui/imageset/avatarapp/window/mywindows.lua
  • resource/ui/imageset/avatarapp/window/mywindows.png
    .png
  • resource/ui/imageset/avatarapp/window/mywindows.scheme
  • resource/ui/imageset/avatarapp/window/mywindows.templates
  • resource/ui/imageset/avatarapp/window/songti_11.font
  • resource/ui/imageset/avatarapp/window/songti_12.font
  • resource/ui/imageset/avatarapp/window/songti_14.font
  • resource/ui/imageset/avatarapp/window/songti_18.font
  • resource/ui/imageset/chatapp/ActionPoint.lua
  • resource/ui/imageset/chatapp/ActionPoint.xml
  • resource/ui/imageset/chatapp/AnimMenu.lua
  • resource/ui/imageset/chatapp/AnimMenu.xml
  • resource/ui/imageset/chatapp/BottonInfo.lua
  • resource/ui/imageset/chatapp/BottonInfo.xml
  • resource/ui/imageset/chatapp/BubleRed.lua
  • resource/ui/imageset/chatapp/BubleRed.xml
  • resource/ui/imageset/chatapp/CameraPanel.lua
  • resource/ui/imageset/chatapp/CameraPanel.xml
  • resource/ui/imageset/chatapp/ChatToolTip.xml
  • resource/ui/imageset/chatapp/ChaterName.lua
  • resource/ui/imageset/chatapp/ChaterName.xml
  • resource/ui/imageset/chatapp/StringSet.lua
  • resource/ui/imageset/chatapp/StringSet.xml
  • resource/ui/imageset/chatapp/WaitForLoad.lua
  • resource/ui/imageset/chatapp/WaitForLoad.xml
  • resource/ui/imageset/chatapp/chathelp.lua
  • resource/ui/imageset/chatapp/chathelp.xml
  • resource/ui/imageset/chatapp/chatmain.lua
  • resource/ui/imageset/chatapp/chatmain.xml
  • resource/ui/imageset/chatapp/chatui.imageset
  • resource/ui/imageset/chatapp/chatui1.png
    .png
  • resource/ui/imageset/chatapp/progessbarchat.lua
  • resource/ui/imageset/chatapp/progessbarchat.xml
  • resource/ui/imageset/chatapp/window/Buble.imageset
  • resource/ui/imageset/chatapp/window/Verdana.font
  • resource/ui/imageset/chatapp/window/Verdana_12.font
  • resource/ui/imageset/chatapp/window/buble.png
    .png
  • resource/ui/imageset/chatapp/window/chathelp.imageset
  • resource/ui/imageset/chatapp/window/chathelp.png
    .png
  • resource/ui/imageset/chatapp/window/chathelp1.imageset
  • resource/ui/imageset/chatapp/window/chathelp1.png
    .png
  • resource/ui/imageset/chatapp/window/head1.imageset
  • resource/ui/imageset/chatapp/window/head1.png
    .png
  • resource/ui/imageset/chatapp/window/lishu_14.font
  • resource/ui/imageset/chatapp/window/myfont.font
  • resource/ui/imageset/chatapp/window/mywindows.imageset
  • resource/ui/imageset/chatapp/window/mywindows.layout
    .xml
  • resource/ui/imageset/chatapp/window/mywindows.lua
  • resource/ui/imageset/chatapp/window/mywindows.png
    .png
  • resource/ui/imageset/chatapp/window/mywindows.scheme
  • resource/ui/imageset/chatapp/window/mywindows.templates
  • resource/ui/imageset/chatapp/window/songti_11.font
  • resource/ui/imageset/chatapp/window/songti_12.font
  • resource/ui/imageset/chatapp/window/songti_14.font
  • resource/ui/imageset/chatapp/window/songti_16.font
  • resource/ui/imageset/chatapp/window/songti_18.font
  • resource/ui/imageset/chatapp/window/waitforload.imageset
  • resource/ui/imageset/chatapp/window/waitforload.png
    .png
  • resource/ui/imageset/glapp/progessbar.lua
  • resource/ui/imageset/glapp/progessbar.xml
  • resource/ui/localversion.ver
  • resource/ui/localversion.ver.ver
  • resource/ui/snschat.cfg
  • resource/ui/version.ver
  • resource/ui/version.ver.ver
  • resource/vtres/ID_CH01F_B.nmo
  • resource/vtres/ID_CH01M_B.nmo
  • resource/vtres/localversion.ver
  • resource/vtres/version.ver
  • resource/vtres/version.ver.ver
  • setting.ini
  • uninstall.exe.nsis
  • vcredist_x86.exe
    .exe windows:5 windows x86 arch:x86

    0ebb3c09b06b1666d307952e824c8697


  • version.ver
  • version.ver.ver
  • 新云软件.url
    .url