General

  • Target

    ba2441050827ec5a09047fb860aed006_JaffaCakes118

  • Size

    2.4MB

  • MD5

    ba2441050827ec5a09047fb860aed006

  • SHA1

    9f3c9353b47de4f80383fbfcc604fe730232882e

  • SHA256

    679161ea96f00cc31b6a73e6f34cbfa199e720b5fb84543c6cbf4fffd35ae135

  • SHA512

    b9d51137f66530fdccce7f8ae71352559122fe8ef6b2f415eb587386d8722aa256fa8ae94593f39eca4fd91132b897d2aa44ab57ae79b06eb11ed08b6cecd8ba

  • SSDEEP

    49152:aUb+yjwa0X88QqQpgD6hLMeHLL33vCnyUf42efBoZJj:aUBj2ThDGrL3/Cnye0fIJj

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • ba2441050827ec5a09047fb860aed006_JaffaCakes118
    .rar
  • 3801/dt/临仙镇.bmp
  • 3801/dt/乌斯藏.bmp
  • 3801/dt/五庄观.bmp
  • 3801/dt/傲来国.bmp
  • 3801/dt/大唐国境.bmp
  • 3801/dt/大唐境外.bmp
  • 3801/dt/天宫.bmp
  • 3801/dt/天魔里.bmp
  • 3801/dt/方寸山.bmp
  • 3801/dt/昆仑山.bmp
  • 3801/dt/普陀山.bmp
  • 3801/dt/清河镇.bmp
  • 3801/dt/清河镇外.bmp
  • 3801/dt/狮驼岭.bmp
  • 3801/dt/盘丝岭.bmp
  • 3801/dt/花果山.bmp
  • 3801/dt/长安城外.bmp
  • 3801/dt/魔王寨.bmp
  • 3801/gx.edb
  • 3801/js.edb
  • 3801/swgjx.exe
    .exe windows:4 windows x86 arch:x86
  • out.upx
    .exe windows:4 windows x86 arch:x86
  • 3801/zn.edb
  • 3801/新云软件.url
    .url
  • 3801/配置.ini
  • Readme-说明.html
    .html
  • 安当软件.url.url
    .url