FindProc
General
-
Target
fb36e0c564eeee21c727a58827c5527a_JaffaCakes118
-
Size
8.0MB
-
MD5
fb36e0c564eeee21c727a58827c5527a
-
SHA1
fda2fbf57e0d27d0c59a69421fb5078fe150c289
-
SHA256
64627398fed1434661f4e4c4e58b89d2cf108fc976db92276b9def299ab9d0b9
-
SHA512
a7788579b1afb3b332b4fd0d062d94ac5b91f340f91e7f7b11271cd6e5f6ce3e6b302122c9c74ed8a5eba8981cacd845309b16db55c20ef8b0a9035472dd954f
-
SSDEEP
196608:oOYw4LUfcDGiICBWLWRoCJSVhWt3u7YrxrbMELhfdyDzgL/WkS2gfGEo:oCizWLNw3McrzFyPOqGEo
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 2 IoCs
Detects file using ACProtect software.
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 25 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 4 IoCs
Files
-
fb36e0c564eeee21c727a58827c5527a_JaffaCakes118
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/FindProcDLL.dll
8df26927f8978d4eb40ff179c0aa961b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/GetVersion.dll
Headers
Exports
Sections
-
out.upx
Headers
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll
1e2884056e655f2b7bc5a904e352fc80
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/rfshdktp.dll
042f3c184e7c0923b6325ab1dc09aed7
Headers
Imports
Exports
Sections
-
GdiPlus.dll
05d4c65d0c1cdfb83215bd2f69493483
Headers
Imports
Exports
Sections
-
HWTool.exe
a26fc8a0e5a3c34dd1dc41d46bd4e118
Headers
Imports
Sections
-
HanWenBook.exe
263cda3c4502e517b92505a779fc1aee
Headers
Imports
Sections
-
OBCrashReport.exe
6e5f617f29ccb01ec2733c307510a239
Headers
Imports
Sections
-
OBCrashRpt.dll
b0ffa228d92023b12ca94ea6da1063c5
Headers
Imports
Exports
Sections
-
OBModuleDraw.dll
906636e9dfd32328d07425c6dd9ec169
Headers
Imports
Exports
Sections
-
OBModuleInfo.dll
cbd838aee488ed07f673e311aa9bc4aa
Headers
Imports
Exports
Sections
-
OBModuleMgr.dll
0150c0064b121953450bd052f160dc2a
Headers
Imports
Exports
Sections
-
OBModuleTool.dll
ed5a1f99a1def5f5f9fdaae87a9614e9
Headers
Imports
Exports
Sections
-
OBModuleUser.dll
4641c11af0e7c6f56f3b29e8dade675a
Headers
Imports
Exports
Sections
-
Res/Cursor/BoldLine.cur
-
Res/Cursor/Clear.cur
-
Res/Cursor/FineLine.cur
-
Res/Cursor/Marquee.cur
-
Res/Cursor/Painter.cur
-
Res/Cursor/WaveLine.cur
-
Res/Cursor/mouse.cur
-
Res/Cursor/stop.cur
-
Res/Cursor/дע.cur
-
Res/Cursor/.ani
-
Res/Cursor/ѡ.cur
-
Res/Html/Default.css
-
Res/Html/Default.html
-
Res/Html/Marginalia.css
-
Res/Html/drift_main_bg.jpg
-
Res/Html/protocal.html
-
Res/Images/Images/Frame/0-1.png
-
Res/Images/Images/Frame/0-2.png
-
Res/Images/Images/Frame/0-3.png
-
Res/Images/Images/Frame/0-4.png
-
Res/Images/Images/Frame/BookRightShadow.png
-
Res/Images/Images/Frame/IconError.png
-
Res/Images/Images/Frame/Logo.png
-
Res/Images/Images/Frame/ScrollTip.png
-
Res/Images/Images/Frame/head.png
-
Res/Images/Images/Frame/hong.png
-
Res/Images/Images/Frame/kx.png
-
Res/Images/Images/Frame/lxyd-.png
-
Res/Images/Images/Frame/lxyd-.png
-
Res/Images/Images/Frame/lxyd-.png
-
Res/Images/Images/Frame/lxyd-.png
-
Res/Images/Images/Frame/lxyd-.png
-
Res/Images/Images/Frame/menuBottom.jpg
-
Res/Images/Images/Frame/menuLeftTile.jpg
-
Res/Images/Images/Frame/menuRightTile.jpg
-
Res/Images/Images/Frame/menuTag.png
-
Res/Images/Images/Frame/menuTop.jpg
-
Res/Images/Images/Frame/rr.png
-
Res/Images/Images/Frame/sh.png
-
Res/Images/Images/Frame/sina.png
-
Res/Images/Images/Frame/swait.png
-
Res/Images/Images/Frame/tip01.png
-
Res/Images/Images/Frame/tip02.png
-
Res/Images/Images/Frame/tip03.png
-
Res/Images/Images/Frame/tip04.png
-
Res/Images/Images/Frame/tip05.png
-
Res/Images/Images/Frame/tiperror.png
-
Res/Images/Images/Frame/tipnorm.png
-
Res/Images/Images/Frame/tipques.png
-
Res/Images/Images/Frame/tipwarn.png
-
Res/Images/Images/Frame/tx.png
-
Res/Images/Images/Frame/wrireMargia.png
-
Res/Images/Images/Frame/ȴ.png
-
Res/Images/Images/Frame/ȴ.png
-
Res/Images/Images/Frame/Ŵ.jpg
-
Res/Images/Images/Frame/ر.png
-
Res/Images/Images/Frame/1.png
-
Res/Images/Images/Frame/2.png
-
Res/Images/Images/Frame/շѵȴ.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/ͶӰ-.png
-
Res/Images/Images/Frame/.png
-
Res/Images/Images/Frame/.jpg
-
Res/Images/Images/bookpreread_btnRead.png
-
Res/Images/Images/home_head_mask.png
-
Res/Images/Images/home_shelf_background.png
-
Res/Images/Images/home_shelf_book_border.png
-
Res/Images/Images/home_shelf_book_hover.png
-
Res/Images/Images/home_shelf_book_source_active_mark.png
-
Res/Images/Images/home_shelf_book_source_mark.png
-
Res/Images/Images/home_shelf_book_tip_background.png
-
Res/Images/Images/home_shelf_create_rate_empty.png
-
Res/Images/Images/home_shelf_create_rate_full.png
-
Res/Images/Images/home_shelf_lock.png
-
Res/Images/Images/home_shelf_menu.png
-
Res/Images/Images/home_shelf_menu_flod.png
-
Res/Images/Images/home_shelf_menu_new.png
-
Res/Images/Images/home_shelf_menu_next.png
-
Res/Images/Images/home_shelf_menu_prev.png
-
Res/Images/Images/login_background.png
-
Res/Images/Images/logo.png
-
Res/Images/Images/main_button_blue_135_40_4.png
-
Res/Images/Images/main_button_blue_95_30_3.png
-
Res/Images/Images/main_button_blue_yello_95_30_3.png
-
Res/Images/Images/main_button_color_80_25_4.png
-
Res/Images/Images/main_button_gray_135_40_4.png
-
Res/Images/Images/main_button_gray_136_36_4.png
-
Res/Images/Images/main_button_gray_50_20_4.png
-
Res/Images/Images/main_button_gray_80_38_4.png
-
Res/Images/Images/main_button_gray_apha_135_36_4.png
-
Res/Images/Images/main_button_light_blue_95_30_3.png
-
Res/Images/Images/main_button_line_95_30_4.png
-
Res/Images/Images/main_button_orange_95_30_3.png
-
Res/Images/Images/main_button_red_135_40_4.png
-
Res/Images/Images/main_button_red_175_38_4.png
-
Res/Images/Images/main_button_red_96_38_4.png
-
Res/Images/Images/main_button_yello_95_30_3.png
-
Res/Images/Images/main_check_back_16_16.png
-
Res/Images/Images/main_check_select_16_16.png
-
Res/Images/Images/main_close_3stat.png
-
Res/Images/Images/main_close_button_16_16_3.png
-
Res/Images/Images/main_close_button_red_15_15_3.png
-
Res/Images/Images/main_common_face_icon.png
-
Res/Images/Images/main_common_sex_icon.png
-
Res/Images/Images/main_common_tip_back.png
-
Res/Images/Images/main_edge_bottom_15_15_4.png
-
Res/Images/Images/main_head_default_boy.png
-
Res/Images/Images/main_head_default_girl.png
-
Res/Images/Images/main_head_default_null.png
-
Res/Images/Images/main_login_mail_back.png
-
Res/Images/Images/main_login_name_back.png
-
Res/Images/Images/main_login_process_back.png
-
Res/Images/Images/main_login_process_bar.png
-
Res/Images/Images/main_login_pwd_back.png
-
Res/Images/Images/main_login_regist_success_background.png
-
Res/Images/Images/main_message_3stat.png
-
Res/Images/Images/main_min_3stat.png
-
Res/Images/Images/main_nick_normal.png
-
Res/Images/Images/main_pagetab_back.png
-
Res/Images/Images/main_pagetab_front.png
-
Res/Images/Images/main_pagetab_next.png
-
Res/Images/Images/main_pagetab_prev.png
-
Res/Images/Images/main_popup_dlg_background.png
-
Res/Images/Images/main_radio_back_16_16_2.png
-
Res/Images/Images/main_radio_select_10_10.png
-
Res/Images/Images/main_scroll_background_updown.png
-
Res/Images/Images/main_scroll_button_bottom.png
-
Res/Images/Images/main_scroll_button_top.png
-
Res/Images/Images/main_scroll_slider_updown.png
-
Res/Images/Images/main_search_box.png
-
Res/Images/Images/main_search_icon.png
-
Res/Images/Images/main_setting_3stat.png
-
Res/Images/Images/main_user_3stat.png
-
Res/Images/Images/read_desk_book_mark_3icon.png
-
Res/Images/Images/read_desk_button_enlarge.png
-
Res/Images/Images/read_desk_button_narrow.png
-
Res/Images/Images/read_desk_foot_layer_background.png
-
Res/Images/Images/read_desk_foot_scroll_back.png
-
Res/Images/Images/read_desk_foot_scroll_icon.png
-
Res/Images/Images/read_desk_foot_scroll_slider.png
-
Res/Images/Images/read_desk_menu_icon.png
-
Res/Images/Images/read_desk_page_next.png
-
Res/Images/Images/read_desk_page_prev.png
-
Res/Images/Images/read_desk_tab_edge.png
-
Res/Images/Images/read_left_button_buy.png
-
Res/Images/Images/read_left_button_collect.png
-
Res/Images/Images/read_left_history_clean.png
-
Res/Images/Images/read_left_menu_icon.png
-
Res/Images/Images/read_left_recommend_star.png
-
Res/Images/Images/read_left_search_edit_background.png
-
Res/Images/Images/read_left_shadow.png
-
Res/Images/Images/read_left_tab_edge.png
-
Res/Images/Images/read_postil_area_blue_28_28_3.png
-
Res/Images/Images/read_postil_area_red_28_28_3.png
-
Res/Images/Images/regist_background.png
-
Res/Images/Images/regist_button_back.png
-
Res/Images/Images/store_tab_boutique_normal.png
-
Res/Images/Images/store_tab_boutique_select.png
-
Res/Images/Images/store_tab_category_normal.png
-
Res/Images/Images/store_tab_category_select.png
-
Res/Images/Images/store_tab_limitfree_normal.png
-
Res/Images/Images/store_tab_limitfree_select.png
-
Res/Images/Images/store_tab_rank_normal.png
-
Res/Images/Images/store_tab_rank_select.png
-
Res/Images/Images/store_tab_recommend_normal.png
-
Res/Images/Images/store_tab_recommend_select.png
-
Res/Images/Images/store_tab_select_edge.png
-
Res/Images/Update/update_background.png
-
Res/Images/Update/update_button_cancel.png
-
Res/Images/Update/update_progress.png
-
Uninstall.exe
7fa974366048f9c551ef45714595665e
Headers
Imports
Sections
-
$PLUGINSDIR/ExecCmd.dll
bf44c9fb48bb8c36b3e2527e7252350d
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/FindProcDLL.dll
8df26927f8978d4eb40ff179c0aa961b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/GetVersion.dll
Headers
Exports
Sections
-
out.upx
Headers
Sections
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/inetc.dll
3f1149a3053980fe6b461521d2b55a2c
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/modern-wizard.bmp
-
$PLUGINSDIR/nsDialogs.dll
1e2884056e655f2b7bc5a904e352fc80
Headers
Imports
Exports
Sections
-
dbghelp.dll
3f5a00ef2a36f3cd8924690a5a1d6f3c
Code Sign
Headers
Imports
Exports
Sections