Overview

overview

7

Static

static

7

守护神/...ls.exe

windows7-x64

1

守护神/...ls.exe

windows10-2004-x64

3

守护神/...ns.dll

windows7-x64

3

守护神/...ns.dll

windows10-2004-x64

3

守护神/...TL.dll

windows7-x64

3

守护神/...TL.dll

windows10-2004-x64

3

守护神/...SL.dll

windows7-x64

3

守护神/...SL.dll

windows10-2004-x64

3

守护神/...30.dll

windows7-x64

7

守护神/...30.dll

windows10-2004-x64

7

守护神/...an.dll

windows7-x64

7

守护神/...an.dll

windows10-2004-x64

7

守护神/...pt.dll

windows7-x64

3

守护神/...pt.dll

windows10-2004-x64

3

守护神/...sl.dll

windows7-x64

3

守护神/...sl.dll

windows10-2004-x64

3

守护神/...mh.dll

windows7-x64

3

守护神/...mh.dll

windows10-2004-x64

3

守护神/...an.exe

windows7-x64

7

守护神/...an.exe

windows10-2004-x64

7

守护神/...��.chm

windows7-x64

1

守护神/...��.chm

windows10-2004-x64

1

守护神/...��.url

windows7-x64

1

守护神/...��.url

windows10-2004-x64

1

守护神/...��.exe

windows7-x64

3

守护神/...��.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    b5077e5fefa6f76d93ef8c9f9be3642d_JaffaCakes118

  • Size

    4.7MB

  • MD5

    b5077e5fefa6f76d93ef8c9f9be3642d

  • SHA1

    787d6941ea12d1088eb050dc378581bee3c66f3a

  • SHA256

    7aada01c0d4f065919df7c223e7d019f24233fcc0ecd6f570e3b56f15d592cca

  • SHA512

    55e6b465b88b9ed763ded54813ebef2ed7f607f475b7d912119a2394a3831d987cdfa3e130c55a602ccf9d7b38e59f867bd5832b702a2a6f741b384096c34374

  • SSDEEP

    98304:aa6Gkob7VkVC+tPWAnzeNsLDdEzvrmf7sjCYB6Y9iqRH0E9GIyrUpEfszYB:0eb7VkbXSqXdEzJs6iqRHj7yw6sYB

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 2 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

Files

  • b5077e5fefa6f76d93ef8c9f9be3642d_JaffaCakes118
    .rar
  • 守护神/DelayTools.exe
    .exe windows:4 windows x86 arch:x86

    4fc194db286a6c68c8db8cc61ec07d8e


    Headers

    Imports

    Sections

  • 守护神/Functions.dll
    .dll windows:4 windows x86 arch:x86

    6513a39fa6fc097dd83f53d50c52167f


    Headers

    Imports

    Exports

    Sections

  • 守护神/OptionInfoList.xml
    .xml
  • 守护神/SkinPPWTL.dll
    .dll windows:4 windows x86 arch:x86

    8415b02065effcf3e8ba3b1c65054435


    Headers

    Imports

    Exports

    Sections

  • 守护神/StockInfoList.xml
    .xml
  • 守护神/StockNumenConfig.xml
    .xml
  • 守护神/skin/AlphaOS.ssk
  • 守护神/skin/MAC.ssk
    .zip
  • Aqua_104.bmp
  • Aqua_68.bmp
  • Aqua_72.bmp
  • MAC.uis
  • Thumbs.db
  • aqua_1.bmp
  • aqua_10.bmp
  • aqua_106.tga
  • aqua_108.tga
  • aqua_11.bmp
  • aqua_12.bmp
  • aqua_13.bmp
  • aqua_14.bmp
  • aqua_15.bmp
  • aqua_16.bmp
  • aqua_17.bmp
  • aqua_18.bmp
  • aqua_19.bmp
  • aqua_2.bmp
  • aqua_20.bmp
  • aqua_21.tga
  • aqua_23.bmp
  • aqua_24.bmp
  • aqua_25.bmp
  • aqua_25.tga
  • aqua_26.tga
  • aqua_27.bmp
  • aqua_29.bmp
  • aqua_3.bmp
  • aqua_30.bmp
  • aqua_31.tga
  • aqua_32.tga
  • aqua_33.tga
  • aqua_34.tga
  • aqua_35.tga
  • aqua_36.tga
  • aqua_37.tga
  • aqua_38.tga
  • aqua_40.tga
  • aqua_41.tga
  • aqua_5.bmp
  • aqua_6.bmp
  • aqua_62.bmp
  • aqua_63.bmp
  • aqua_64.bmp
  • aqua_65.bmp
  • aqua_69.bmp
  • aqua_70.bmp
  • aqua_71.bmp
  • aqua_75.bmp
  • aqua_76.bmp
  • aqua_77.bmp
  • aqua_8.tga
  • VC.bmp
  • Ŀ¼.bmp
  • ͼ.bmp
  • ̬л(1).bmp
  • .bmp
  • .bmp
  • .bmp
  • .bmp
  • ҳ.bmp
  • 守护神/skin/SlickOS2.ssk
  • 守护神/skin/Steel.ssk
  • 守护神/skin/XP-Luna.ssk
  • 守护神/skin/avfone.ssk
  • 守护神/skin/blue.ssk
    .zip
  • blank.bmp
  • blue.uis
  • border.bmp
  • borderhedder.bmp
  • checkbox.tga
  • checkboxnew.bmp
  • classicclosebutton.tga
  • classicclosebuttonglyph.tga
  • classicmaxbuttonglyph.tga
  • classicrestorebuttonglyph.tga
  • close.bmp
  • closebutton.bmp
  • closetoolbutton.tga
  • closetoolbuttonglyph.tga
  • comboboxborder.bmp
  • comboboxbuttons.tga
  • comboboxdropdownback.bmp
  • comboboxdropdownbutton.bmp
  • comboboxdropdownglyph.bmp
  • extraimages.bmp
  • framebottom.bmp
  • frameleft.bmp
  • frameright.bmp
  • frametop.bmp
  • groupboxedge.bmp
  • handelold.bmp
  • help.bmp
  • helpcenter.bmp
  • helpleft.bmp
  • listview.bmp
  • listviewheader.bmp
  • main button.tga
  • max.bmp
  • maxamize.bmp
  • mdibuttons.bmp
  • menubackground.bmp
  • menubar.bmp
  • menubarback.bmp
  • menubaritem.bmp
  • menubaritem.tga
  • menuitem.tga
  • menuitembackgorund.tga
  • midibuttons.bmp
  • min.bmp
  • mincenter.bmp
  • minleft.bmp
  • personalitymenuborders.bmp
  • progressbar.bmp
  • pushbutton.tga
  • radiel.tga
  • radiobuttonnew.tga
  • rebar.bmp
  • rebargripper.bmp
  • restor.bmp
  • roleup.bmp
  • roll.bmp
  • scrollbararrows.bmp
  • scrollbararrowsglyph.bmp
  • scrollbarshafthorz.bmp
  • scrollbarshaftvert.bmp
  • scrollbarthumbbtnhorz.bmp
  • scrollbarthumbbtnvert.bmp
  • scroolbuttons.bmp
  • scroolhorbars.bmp
  • scroolhorgrippers.bmp
  • scroolvertbars.bmp
  • scroolvertgrippers.bmp
  • spinleftright.bmp
  • spinupdown.bmp
  • spinupdownhorizontal.bmp
  • spinupdownhorizontalglyph.bmp
  • spinupdownvertical.bmp
  • spinupdownverticalglyph.bmp
  • statusbar.bmp
  • statuspane.bmp
  • sunkedge.bmp
  • system.bmp
  • tabborder.bmp
  • tabitem.bmp
  • tabpane.bmp
  • tabs.tga
  • toolbarbitmap.bmp
  • toolbarbutton.bmp
  • toolbarbuttons.tga
  • trackbardoup.tga
  • trackbardown.tga
  • trackbarleft.tga
  • trackbarright.tga
  • trackbarthumbdown.tga
  • trackbarthumbvert.tga
  • trackbartrack.bmp
  • trackbartrackvert.bmp
  • trackbartrckhor.bmp
  • trackslidersidetoside.tga
  • tracksliderupdown.tga
  • trackupdown.bmp
  • windowframebottomuis2.bmp
  • windowframeleftuis2.bmp
  • windowframerightuis2.bmp
  • windowframetoolcaption.bmp
  • windowframetoolhorizontal.bmp
  • windowframetoolvertical.bmp
  • windowframetopuis2.bmp
  • windowmincaption.bmp
  • .bmp
  • ϵͳ.bmp
  • .bmp
  • .bmp
  • Ŀ¼.bmp
  • .bmp
  • ̬л.bmp
  • ر.bmp
  • .bmp
  • ϵ.bmp
  • .bmp
  • .bmp
  • ҳ.bmp
  • С.bmp
  • 守护神/skin/spring.ssk
  • 守护神/skin/vladstudio.ssk
  • 守护神/同花顺通用下单/CA/CFCA.cer
  • 守护神/同花顺通用下单/CA/CFCA_RCA1.cer
  • 守护神/同花顺通用下单/CA/CFCA_RCA2.cer
  • 守护神/同花顺通用下单/CA/OwnCA.cer
  • 守护神/同花顺通用下单/CA/TestCA.cer
  • 守护神/同花顺通用下单/CA/cfca rca.cer
  • 守护神/同花顺通用下单/CA/cfca root ca.cer
  • 守护神/同花顺通用下单/CA/chinastock.cer
  • 守护神/同花顺通用下单/CA/dongfang.cer
  • 守护神/同花顺通用下单/CA/dyzq.cer
  • 守护神/同花顺通用下单/CA/ebsca.cer
  • 守护神/同花顺通用下单/CA/hexin.cer
  • 守护神/同花顺通用下单/CA/test.cer
  • 守护神/同花顺通用下单/CA/testht.cer
  • 守护神/同花顺通用下单/CA/wlzq.cer
  • 守护神/同花顺通用下单/CntSSL.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    193689a7f9d0c2557e52b512cd6986bc


    Headers

    Imports

    Exports

    Sections

  • 守护神/同花顺通用下单/SQLITE30.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • out.upx
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • 守护神/同花顺通用下单/VirusScan.dat
  • 守护神/同花顺通用下单/VirusScan.dll
    .dll windows:4 windows x86 arch:x86


    Code Sign

    Headers

    Exports

    Sections

  • 守护神/同花顺通用下单/hcrypt.dll
    .dll windows:4 windows x86 arch:x86

    6af241710c687bf424c4ecc69f6ebada


    Headers

    Imports

    Exports

    Sections

  • 守护神/同花顺通用下单/hssl.dll
    .dll windows:4 windows x86 arch:x86

    9bb102afeb519f547a7b0eefb4b6fe05


    Headers

    Imports

    Exports

    Sections

  • 守护神/同花顺通用下单/nomh.dll
    .dll windows:4 windows x86 arch:x86

    95945db154bb88963aaa5f36e343c8ee


    Headers

    Imports

    Exports

    Sections

  • 守护神/同花顺通用下单/system.dat
  • 守护神/同花顺通用下单/user.dat
  • 守护神/同花顺通用下单/xiadan.exe
    .exe windows:4 windows x86 arch:x86

    fc38d72042fca6cb9e3710670a5d98b8


    Headers

    Imports

    Sections

  • 守护神/同花顺通用下单/xiadan.ini
  • 守护神/帮助内容.chm
    .chm
  • 守护神/新云软件.url
    .url
  • 守护神/股票自动交易守护神.exe
    .exe windows:4 windows x86 arch:x86

    7de5341fa131f016db1466e8afd20bc0


    Headers

    Imports

    Sections

  • 守护神/通知.wav