General

  • Target

    d0ce5c29d9cd668e589731b529571974_JaffaCakes118

  • Size

    4.3MB

  • MD5

    d0ce5c29d9cd668e589731b529571974

  • SHA1

    178ed1d4f77b7b003657cbe4ba71b76221ef0699

  • SHA256

    c4dc7e12bb80c48faab4a41d073124d23413459080632d68894199174f5a5200

  • SHA512

    0f0945ed41194a9692052c14da3f7077bc4c2d10fb666dcf6da68ccda36e3a767cc100b1b4ae2cc1edfe5fb77c049680d1b11edc237d5772ba774c2c835fefe8

  • SSDEEP

    98304:9p0BgSCr1pz6O4wk33V6t6hB/OVBcoiCBPEFhWT0j+r:T0OSI1x6O666/OwPCBsFhWTVr

Score
7/10

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • d0ce5c29d9cd668e589731b529571974_JaffaCakes118
    .rar
  • wordllk_0.22.exe
    .exe windows:4 windows x86 arch:x86

    1cf4252ebbb4f173d97a6ef4f79a60b5


  • $PLUGINSDIR/InstallOptions.dll
    .dll windows:4 windows x86 arch:x86

    922b855d216a21490e4bcbf6c29b7f7d


  • $PLUGINSDIR/ioSpecial.ini
  • $PLUGINSDIR/modern-wizard.bmp
  • b4sm.mdb
  • mstts.exe
    .exe windows:4 windows x86 arch:x86

    5318cd03ef5b5da86800f1483484cfd0


  • mz.ini
  • pic/Perfect1/1.bmp
  • pic/Perfect1/10.bmp
  • pic/Perfect1/11.bmp
  • pic/Perfect1/12.bmp
  • pic/Perfect1/2.bmp
  • pic/Perfect1/3.bmp
  • pic/Perfect1/4.bmp
  • pic/Perfect1/5.bmp
  • pic/Perfect1/6.bmp
  • pic/Perfect1/7.bmp
  • pic/Perfect1/8.bmp
  • pic/Perfect1/9.bmp
  • pic/Perfect2/1.bmp
  • pic/Perfect2/10.bmp
  • pic/Perfect2/11.bmp
  • pic/Perfect2/12.bmp
  • pic/Perfect2/2.bmp
  • pic/Perfect2/3.bmp
  • pic/Perfect2/4.bmp
  • pic/Perfect2/5.bmp
  • pic/Perfect2/6.bmp
  • pic/Perfect2/7.bmp
  • pic/Perfect2/8.bmp
  • pic/Perfect2/9.bmp
  • pic/The_Blacy/1.bmp
  • pic/The_Blacy/10.bmp
  • pic/The_Blacy/11.bmp
  • pic/The_Blacy/12.bmp
  • pic/The_Blacy/2.bmp
  • pic/The_Blacy/3.bmp
  • pic/The_Blacy/4.bmp
  • pic/The_Blacy/5.bmp
  • pic/The_Blacy/6.bmp
  • pic/The_Blacy/7.bmp
  • pic/The_Blacy/8.bmp
  • pic/The_Blacy/9.bmp
  • pic/buttery/1.bmp
  • pic/buttery/10.bmp
  • pic/buttery/11.bmp
  • pic/buttery/12.bmp
  • pic/buttery/2.bmp
  • pic/buttery/3.bmp
  • pic/buttery/4.bmp
  • pic/buttery/5.bmp
  • pic/buttery/6.bmp
  • pic/buttery/7.bmp
  • pic/buttery/8.bmp
  • pic/buttery/9.bmp
  • pic/p.ini
  • pic/xp/1.bmp
  • pic/xp/10.bmp
  • pic/xp/11.bmp
  • pic/xp/12.bmp
  • pic/xp/2.bmp
  • pic/xp/3.bmp
  • pic/xp/4.bmp
  • pic/xp/5.bmp
  • pic/xp/6.bmp
  • pic/xp/7.bmp
  • pic/xp/8.bmp
  • pic/xp/9.bmp
  • sound/elec.wav
  • sound/end.wav
  • sound/exp1.wav
  • sound/flystar.wav
  • sound/sel.wav
  • sound/start.wav
  • uninst.exe
    .exe windows:4 windows x86 arch:x86

    1cf4252ebbb4f173d97a6ef4f79a60b5


  • wordllk.exe
    .exe windows:4 windows x86 arch:x86


  • 下载说明.htm
    .html .js polyglot