Overview

overview

4

Static

static

3

百分百�...��.url

windows7-x64

1

百分百�...��.url

windows10-2004-x64

1

百分百�...32.dll

windows7-x64

3

百分百�...32.dll

windows10-2004-x64

3

百分百�...T2.dll

windows7-x64

3

百分百�...T2.dll

windows10-2004-x64

3

百分百�...TL.dll

windows7-x64

3

百分百�...TL.dll

windows10-2004-x64

3

百分百�...32.dll

windows7-x64

3

百分百�...32.dll

windows10-2004-x64

3

百分百�...5.file

windows7-x64

1

百分百�...5.file

windows10-2004-x64

1

百分百�...AR.exe

windows7-x64

3

百分百�...AR.exe

windows10-2004-x64

3

百分百�...��.exe

windows7-x64

3

百分百�...��.exe

windows10-2004-x64

3

百分百�...te.exe

windows7-x64

3

百分百�...te.exe

windows10-2004-x64

3

百分百�...��.exe

windows7-x64

3

百分百�...��.exe

windows10-2004-x64

3

百分百�...��.doc

windows7-x64

4

百分百�...��.doc

windows10-2004-x64

1

百分百�...DK.dll

windows7-x64

3

百分百�...DK.dll

windows10-2004-x64

3

百分百�...ns.dll

windows7-x64

3

百分百�...ns.dll

windows10-2004-x64

3

百分百�....1.exe

windows7-x64

3

百分百�....1.exe

windows10-2004-x64

3

百分百�...DK.dll

windows7-x64

3

百分百�...DK.dll

windows10-2004-x64

3

百分百�...��.url

windows7-x64

1

百分百�...��.url

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb80bc54d71d97502e5fbc141952efba_JaffaCakes118

  • Size

    2.5MB

  • MD5

    fb80bc54d71d97502e5fbc141952efba

  • SHA1

    df5afe4b89f551417147d0eb5485629182714a6d

  • SHA256

    713f20858a343e587ebba9b7878d1b6dc396a4d2bd845b25b77e7b765e8d4677

  • SHA512

    02620c4d5adbb009a69f60172fd96b9b344450a82d8f787e9722f8db9126802cfdc9bb12809022cb4e3e9f278d4d070339c74a734b0b8ff1e9aed1ef492d9597

  • SSDEEP

    49152:9Rjqg+GgLDsNdXthaLSCCw9zSkNnfKNmrWCMtqbDlKzsor7k47WujnNfMps:GDsdXfVChNjNCNy3LbhroHkg3Zfr

Score
3/10

Malware Config

Signatures

  • Unsigned PE 9 IoCs

    Checks for missing Authenticode signature.

Files

  • fb80bc54d71d97502e5fbc141952efba_JaffaCakes118
    .rar
  • 百分百阿里旺旺群发器(淘宝版)/155绿色软件站.url
    .url
  • 百分百阿里旺旺群发器(淘宝版)/Comdlg32.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86

    988f29c1eb8054253091352741683c76


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/MSCOMCT2.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    748b8691a0d45b447a059b7ae299a0a2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/MSCOMCTL.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    b22bd7d6f2b83c193c4c7e9c0a2de8b2


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/RICHTX32.OCX
    .dll regsvr32 windows:4 windows x86 arch:x86

    f879ec87b93340bacfa917edf4e1aee5


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/file/705.5475.file
    .file .rtf
  • 百分百阿里旺旺群发器(淘宝版)/file/record.txt
  • 百分百阿里旺旺群发器(淘宝版)/images/1.bmp
  • 百分百阿里旺旺群发器(淘宝版)/images/2.bmp
  • 百分百阿里旺旺群发器(淘宝版)/images/3.bmp
  • 百分百阿里旺旺群发器(淘宝版)/images/4.bmp
  • 百分百阿里旺旺群发器(淘宝版)/images/Thumbs.db
  • 百分百阿里旺旺群发器(淘宝版)/plug/UnRAR.exe
    .exe windows:4 windows x86 arch:x86

    cf6ca145896f9d37f7f4799cce56ed2f


    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/plug/ver.ini
  • 百分百阿里旺旺群发器(淘宝版)/plug/虚拟桌面.exe
    .exe windows:4 windows x86 arch:x86

    36ba0f7f4e55e0cb33db4487b1069252


    Headers

    Imports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/update.exe
    .exe windows:4 windows x86 arch:x86

    d1597121a9ce48c503eb8bc1dac07789


    Headers

    Imports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/手动输入验证码.exe
    .exe windows:4 windows x86 arch:x86

    ed7d09e18706f80f6405b34c0d773465


    Headers

    Imports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/旺旺群发使用前必读文档.doc
    .doc windows office2003
  • 百分百阿里旺旺群发器(淘宝版)/注册机/DLL/COFF/CustomWinLicenseSDK.lib
  • 百分百阿里旺旺群发器(淘宝版)/注册机/DLL/CustomWinlicenseSDK.dll
    .dll windows:4 windows x86 arch:x86

    7e1bfd4cffbd639122d8003cbe14f7aa


    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/注册机/DLL/OMF/CustomWinLicenseSDK.lib
  • 百分百阿里旺旺群发器(淘宝版)/注册机/EXE/ECCfunctions.dll
    .dll windows:4 windows x86 arch:x86

    69e9209a4e9520dd0f0aceb396541884


    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/注册机/EXE/GeneratorDatabase.abs
  • 百分百阿里旺旺群发器(淘宝版)/注册机/EXE/GeneratorSeed.gns
  • 百分百阿里旺旺群发器(淘宝版)/注册机/EXE/WLGen_百分百阿里旺旺群发器(淘宝版) 9.1.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/注册机/EXE/WinLicenseSDK.dll
    .dll windows:4 windows x86 arch:x86

    67c59fa2a7e88bc8852ca0d05a68e413


    Headers

    Imports

    Exports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/百分百(旺旺群)群发软件.url
  • 百分百阿里旺旺群发器(淘宝版)/百分百淘宝旺旺群发(网页版).url
  • 百分百阿里旺旺群发器(淘宝版)/百分百阿里巴巴群发软件.url
  • 百分百阿里旺旺群发器(淘宝版)/百分百阿里旺旺群发器(淘宝版).exe
    .exe windows:4 windows x86 arch:x86

    c91ec569b88ee08a1c6035450d06ff21


    Headers

    Imports

    Sections

  • 百分百阿里旺旺群发器(淘宝版)/百分百阿里旺旺群发器(淘宝版).url
  • 百分百阿里旺旺群发器(淘宝版)/若软件运行出错请运行此文件.bat