HEEnterWindowLoop
HEEnterWindowLoopInNewThread
HESpecifySettings
General
-
Target
2f3be4ec89b6eaee56142a4f88c358ea_JaffaCakes118
-
Size
358KB
-
MD5
2f3be4ec89b6eaee56142a4f88c358ea
-
SHA1
dafe566451c533ef83856f82fb91fc1ddc20a9d5
-
SHA256
ece03e039f856eca26b0444b60acebca889b26287d84a231b7a7de7aeb15ba3e
-
SHA512
2f01fb2d946bd57369430d3bbd9c5acc5c50b7d6b056624b9555b904b03c60a79b7a2ffee902f3e577e9c41fb5636138c9d20dd9a46c63fcc6e1663d9b203c3c
-
SSDEEP
6144:zk/iyjW7/oCJg2DpBT1JVODyFOif6+ARJEURApV9//zUKtjots4geLYnfrd:zF/TJbpBBJwOFOKcO/zU74eSZ
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 37 IoCs
Checks for missing Authenticode signature.
Files
-
2f3be4ec89b6eaee56142a4f88c358ea_JaffaCakes118
-
16Edit.DLL
Headers
Exports
Sections
-
LDE/IntelliDump.LDE
cd4f4f57932a96a8ea7047435b5053ea
Headers
Imports
Exports
Sections
-
LDE/armadmp.lde
Headers
Exports
Sections
-
LDE/下载说明.htm
-
LDS_Clients/CoolDump1.4/Cooldump.exe
Headers
Sections
-
LDS_Clients/CoolDump1.4/File_id.diz
-
LDS_Clients/CoolDump1.4/Genoep.dll
Headers
Exports
Sections
-
LDS_Clients/下载说明.htm
-
LordPE_fix.EXE
af5a2557d1d5daaaf732f8a12ba06a54
Headers
Imports
Sections
-
LordPlug.dll
e6303c7743cf7b2aaca0b76641502ee3
Headers
Imports
Exports
Sections
-
LordPlug.dll_src/LordPlug.cpp
-
LordPlug.dll_src/LordPlug.def
-
LordPlug.dll_src/LordPlug.dsp
-
LordPlug.dll_src/LordPlug.dsw
-
LordPlug.dll_src/下载说明.htm
-
Misc/16Edit.DLL
Headers
Exports
Sections
-
Misc/16Edit.exe
3915ab2aa57cdef4a874beac32a99f23
Headers
Imports
Sections
-
Misc/16Edit.tXt
-
Misc/LordElf.exe
dbdc13e9fe4048ca29db8f14af5cf58b
Headers
Imports
Sections
-
Misc/LordElf.tXt
-
Misc/MetaPuck.exe
65076f412a3c0a389d46177e0a3683a8
Headers
Imports
Sections
-
Misc/MetaPuck.tXt
-
Misc/PESnoop.exe
Headers
Sections
-
out.upx
Headers
Sections
-
Misc/PESnoop.tXt
-
Misc/RunKMD.exe
7b700cb395c90c9431168f9449d5c73b
Headers
Imports
Sections
-
Misc/RunKMD.tXt
-
Misc/RunVxD.exe
6d8a5c23ea76c87325f0ffaa3e930d27
Headers
Imports
Sections
-
Misc/RunVxD.tXt
-
Misc/SoftSnoop/APISnoop.dll
189541063a68896fdad9c98b6d5f6307
Headers
Imports
Exports
Sections
-
Misc/SoftSnoop/ApiDef/Kernel32.ss
-
Misc/SoftSnoop/ApiDef/SS.TXT
-
Misc/SoftSnoop/ApiDef/User32.ss
-
Misc/SoftSnoop/ForceLibrary.dll
381e752d4cf0389f7eb35922ca5268a9
Headers
Imports
Exports
Sections
-
Misc/SoftSnoop/Plugins/HelloWorld.dll
404e4d51a749c64c9e3db149fe6af736
Headers
Imports
Exports
Sections
-
Misc/SoftSnoop/Plugins/MsgHook.dll
ddaedee7bea36e496fe1dc768c43d7e8
Headers
Imports
Sections
-
Misc/SoftSnoop/Plugins/PluginExp3.dll
Headers
Exports
Sections
-
Misc/SoftSnoop/Plugins/TestMe.exe
98c88d882f01a3f6ac1e5f7dfd761624
Headers
Imports
Sections
-
Misc/SoftSnoop/SoftSnoop.exe
Headers
Exports
Sections
-
Misc/SoftSnoop/SoftSnoop.tXt
-
Misc/yPER.exe
b74a6218943cbdab2ffd30749e228d8b
Headers
Imports
Sections
-
Misc/yPER.tXt
-
Misc/下载说明.htm
-
PROCS.DLL
671e5d05e30b558e7b4fab82758cac2b
Headers
Imports
Exports
Sections
-
PSAPI.DLL
264476cbdcf6020ccd69c92bbd24050f
Headers
Imports
Exports
Sections
-
REALIGN.DLL
843d4acd52668b581fd295da850eeceb
Headers
Imports
Exports
Sections
-
ReadMe.txt
-
RunLDS.BAT
-
SDK/16Edit/16Edit.cs
-
SDK/16Edit/16Edit.def
-
SDK/16Edit/16EditDll.INC
-
SDK/16Edit/16EditDll.bas
-
SDK/16Edit/16EditDll.h
-
SDK/16Edit/APIs.tXt
-
SDK/16Edit/B_16Edit.lib
-
SDK/16Edit/HEditDll.pas
-
SDK/16Edit/MS_16Edit.lib
-
SDK/16Edit/TOC.tXt
-
SDK/LordPE/LDE/IntelliDump/IntelliDump.DEF
-
SDK/LordPE/LDE/IntelliDump/IntelliDump.c
-
SDK/LordPE/LDE/IntelliDump/IntelliDump.dsp
-
SDK/LordPE/LDE/IntelliDump/IntelliDump.mak
-
SDK/LordPE/LDE/LDE.tXt
-
SDK/LordPE/LDS/Examples/ASM/LDS_LoadDump.bat
-
SDK/LordPE/LDS/Examples/C/Plugin.c
-
SDK/LordPE/LDS/Examples/C/Plugin.dsp
-
SDK/LordPE/LDS/Examples/C/Plugin.mak
-
SDK/LordPE/LDS/Examples/C/resource.h
-
SDK/LordPE/LDS/Examples/C/rsrc.rc
-
SDK/LordPE/LDS/Examples/CS/App.ico
-
SDK/LordPE/LDS/Examples/CS/AssemblyInfo.cs
-
SDK/LordPE/LDS/Examples/CS/Form1.cs
-
SDK/LordPE/LDS/Examples/CS/Form1.resx
-
SDK/LordPE/LDS/Examples/CS/LDSChat.csproj
-
SDK/LordPE/LDS/Examples/CS/LDSChat.csproj.user
-
SDK/LordPE/LDS/Examples/CS/LDSChat.sln
-
SDK/LordPE/LDS/Examples/CallModMem.EXE
Headers
Sections
-
SDK/LordPE/LDS/Examples/Delphi/FindLDSAndLaunch4Delphi.dpr
-
SDK/LordPE/LDS/Examples/Delphi/LDS_DmpTst.dpr
-
SDK/LordPE/LDS/Examples/Delphi/LDS_VerPid.dpr
-
SDK/LordPE/LDS/Examples/LDSChat.exe
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
SDK/LordPE/LDS/Examples/LDS_DmpTst.exe
Headers
Sections
-
SDK/LordPE/LDS/Examples/LDS_LoadDump.exe
37233ab54761e227db351e9a7c77f7d2
Headers
Imports
Sections
-
SDK/LordPE/LDS/Examples/LDS_TaskViewer.exe
6b1649ca6b76d36e4f75bd013074d178
Headers
Imports
Sections
-
SDK/LordPE/LDS/Examples/LDS_VerPid.exe
Headers
Sections
-
SDK/LordPE/LDS/INC/LDS.INC
-
SDK/LordPE/LDS/INC/LDS.bas
-
SDK/LordPE/LDS/INC/LDS.cs
-
SDK/LordPE/LDS/INC/LDS.h
-
SDK/LordPE/LDS/INC/LDS.ni
-
SDK/LordPE/LDS/INC/LDS.pas
-
SDK/LordPE/LDS/LDS.tXt
-
SDK/SoftSnoop/PluginExp1/PluginExp1.c
-
SDK/SoftSnoop/PluginExp1/PluginExp1.def
-
SDK/SoftSnoop/PluginExp1/PluginExp1.dsp
-
SDK/SoftSnoop/PluginExp2/BUILD.BAT
-
SDK/SoftSnoop/PluginExp2/BUILD.PIF
-
SDK/SoftSnoop/PluginExp2/MsgHook.ASM
-
SDK/SoftSnoop/PluginExp2/RESOURCE.INC
-
SDK/SoftSnoop/PluginExp2/Rsrc.res
-
SDK/SoftSnoop/PluginExp3/PluginExp3.dpr
-
SDK/SoftSnoop/PluginExp3/RSRC.RES
-
SDK/SoftSnoop/Plugins.tXt
-
SDK/SoftSnoop/SSPlugin.INC
-
SDK/SoftSnoop/SSPlugin.pas
-
SDK/SoftSnoop/SSplugin.h
-
SDK/procsDLL/examples/EXP1Out.BAT
-
SDK/procsDLL/examples/UseProcs1.exe
65d36d8a9354e322365bcbf93be3d18c
Headers
Imports
Sections
-
SDK/procsDLL/examples/useprocs1/CONSOLE.INC
-
SDK/procsDLL/examples/useprocs1/MAKE.BAT
-
SDK/procsDLL/examples/useprocs1/MAKE.PIF
-
SDK/procsDLL/examples/useprocs1/UseProcs1.ASM
-
SDK/procsDLL/examples/useprocs2.exe
e2f259fab986c39d43d603ee27c60f81
Headers
Imports
Sections
-
SDK/procsDLL/examples/useprocs2/USEPROCS.C
-
SDK/procsDLL/examples/useprocs2/UseProcs2.dsw
-
SDK/procsDLL/examples/useprocs2/useprocs2.dsp
-
SDK/procsDLL/procs.INC
-
SDK/procsDLL/procs.chm
-
SDK/procsDLL/procs.h
-
SDK/procsDLL/procs.lib
-
SDK/realignDLL/Realign.h
-
SDK/realignDLL/realign.lib
-
SDK/下载说明.htm
-
Thief/PE Explorer.tXt
-
Thief/TDS_Adjuster.jpg
-
Thief/下载说明.htm
-
TrapDll.exe
2c66707ee126f64a912ba629873148d1
Headers
Imports
Sections
-
URLs/.NET Framework.URL
-
URLs/16Edit FX-package.url
-
URLs/yoda's home.url
-
URLs/下载说明.htm
-
docs/EndOfCommerce.tXt
-
docs/History.tXt
-
docs/LDE.tXt
-
docs/LDS.tXt
-
docs/License.tXt
-
docs/LordPE.tXt
-
docs/ToDo.tXt
-
docs/下载说明.htm
-
下载说明.htm
-
汉化说明.txt
-
英文原版/LordPE.EXE
af5a2557d1d5daaaf732f8a12ba06a54
Headers
Imports
Sections
-
英文原版/LordPE_fix.EXE
af5a2557d1d5daaaf732f8a12ba06a54
Headers
Imports
Sections
-
英文原版/下载说明.htm