General

  • Target

    5ba6326d33d0e2a7a99a24a0f7711a6c_JaffaCakes118

  • Size

    106KB

  • MD5

    5ba6326d33d0e2a7a99a24a0f7711a6c

  • SHA1

    a6d01077f2a4f5e025e938a49007545891c8e941

  • SHA256

    608dcd4215a958be5787d8ee20c08d92bb21417521f509bccbd4ddfae794ef6e

  • SHA512

    c44b866f9a756a8f41996209f477cc896c3a15c282694202ff19e037fb74cb6d64f16fde39eeaf44c9e16aefeacafb4abe61d402e16db3befc8891f1e6832dbf

  • SSDEEP

    1536:TCtbRapahSRPCClBE7D9IkFJQSXla+xiiZM9aiXMEjxSGQFx8wLpoSF9vp6x7C9j:QtS2SRPPE7ZIwPXlx56JGx8wCSvhB

Score
7/10

Malware Config

Signatures

  • VMProtect packed file 2 IoCs

    Detects executables packed with VMProtect commercial packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 5ba6326d33d0e2a7a99a24a0f7711a6c_JaffaCakes118
    .rar
  • mxd.dll
    .dll windows:4 windows x86 arch:x86

    72f6215ac332813ceaa1cf020e4b7904



  • 打boss专用.exe
    .exe windows:4 windows x86 arch:x86

    076b2725f48fa097fe78a936a159a5c2

