General

  • Target

    85dec1416aaf636a135eed335e2eb64a_JaffaCakes118

  • Size

    198KB

  • MD5

    85dec1416aaf636a135eed335e2eb64a

  • SHA1

    80ebfb2fbab3d679832cb1806233386a257930cd

  • SHA256

    7f53daa8924c6b5693359d11f4ba36d87799a14370b896a38522d2e422ba3ef8

  • SHA512

    b5530871e1db5bf14bed0ac18ad926c5af6b343fb52e8140590dcfd1765e80e15b3d9b3b65d089307e91ec323224dd667644333e21367eadeb969e2b5cf0b2c6

  • SSDEEP

    3072:xGDYI20EIrk2r1IYro82crdtNNPFZsmV59WDpJYjb8R5X2Nicgjga8YOZY5UsSAV:xUZEIrpP2cBKq5IfYiZ8a8JY6dMN

Score
7/10

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 85dec1416aaf636a135eed335e2eb64a_JaffaCakes118
    .rar
  • rewbpy/rewbpy.exe
    .exe windows:4 windows x86 arch:x86


  • rewbpy/wbfc.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


  • out.upx
    .dll windows:4 windows x86 arch:x86


  • rewbpy/新云软件.url
    .url