General

  • Target

    bd349afba1c45c7003b0a4c493366198_JaffaCakes118

  • Size

    2.3MB

  • MD5

    bd349afba1c45c7003b0a4c493366198

  • SHA1

    cd7f10cf74b5dbe4eba5c6c2a03e16e00b7e1dff

  • SHA256

    547acfc7b39d83ffa3b62b0b5f64b5e61fe306b6990a9f78c8b2db18f621c23b

  • SHA512

    4adb95490610c563a832bfc0784ed9afede885f838014ec83b4e586bad851e3ea847d8cf7267aff06a83635f44a9ef1cdcd01c4a0b8329fc9345f0c9bdf25366

  • SSDEEP

    49152:d+GDTf8a4TkGUBiELuxFlFUAH+C5qI3lWfVRRnO3xs3Az4tEYGQP+BLy2:d+G3f8LTLUMoUrBFqQWXRnO3q3Az8/fO

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • bd349afba1c45c7003b0a4c493366198_JaffaCakes118
    .rar
  • Important/DiDaGrid.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    f2c3a8ffe62eddb65323621d30a75f77


  • Important/REG.edb
  • Important/SkinH_EL.dll
    .dll windows:4 windows x86 arch:x86


  • Important/新云软件.url
    .url
  • UpDate.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • WebBrowser.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86


  • 精易编程助手.exe
    .exe windows:4 windows x86 arch:x86


  • out.upx
    .exe windows:4 windows x86 arch:x86

