_DebugHook
_ExceptionClass
__GetExceptDLLinfo
___CPPdebugHook
Overview
overview
7
Static
static
7
DXTBmp.exe
windows7-x64
5
DXTBmp.exe
windows10-2004-x64
5
DXTBmp.htm
windows7-x64
3
DXTBmp.htm
windows10-2004-x64
3
Texture Fo...S3.rtf
windows7-x64
4
Texture Fo...S3.rtf
windows10-2004-x64
1
Texture Fo...02.rtf
windows7-x64
4
Texture Fo...02.rtf
windows10-2004-x64
1
Texture Fo...04.rtf
windows7-x64
4
Texture Fo...04.rtf
windows10-2004-x64
1
data/mwace.dll
windows7-x64
3
data/mwace.dll
windows10-2004-x64
5
data/mwdds.dll
windows7-x64
5
data/mwdds.dll
windows10-2004-x64
5
data/mwgfx.dll
windows7-x64
5
data/mwgfx.dll
windows10-2004-x64
5
data/mwgfx24.dll
windows7-x64
5
data/mwgfx24.dll
windows10-2004-x64
5
data/mwgfxcopy.exe
windows7-x64
1
data/mwgfxcopy.exe
windows10-2004-x64
3
绿化.exe
windows7-x64
3
绿化.exe
windows10-2004-x64
3
Behavioral task
behavioral1
Sample
DXTBmp.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
DXTBmp.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
DXTBmp.htm
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
DXTBmp.htm
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Texture Formats used by CFS3.rtf
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Texture Formats used by CFS3.rtf
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Texture Formats used by FS2002.rtf
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
Texture Formats used by FS2002.rtf
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Texture Formats used by FS2004.rtf
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
Texture Formats used by FS2004.rtf
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
data/mwace.dll
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
data/mwace.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
data/mwdds.dll
Resource
win7-20240729-en
Behavioral task
behavioral14
Sample
data/mwdds.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
data/mwgfx.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
data/mwgfx.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
data/mwgfx24.dll
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
data/mwgfx24.dll
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
data/mwgfxcopy.exe
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
data/mwgfxcopy.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
绿化.exe
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
绿化.exe
Resource
win10v2004-20240802-en
Target
ffcaa974dc6c4b9dab0cf1f2618be031_JaffaCakes118
Size
853KB
MD5
ffcaa974dc6c4b9dab0cf1f2618be031
SHA1
4af603d5879be50bbcf98efc06002353fba59d83
SHA256
c10816957f5f8268d421e401b747b082adefe746c39216142d44fa14082af668
SHA512
9ffcf53aed2b07d135b1f220768ae4eaca9b3cfee0f03fd08078a67533bffcc13520a5c36b1bd3ef3830ef61412880044a3d4fb23e07bbf703cbd2eb6c1732f0
SSDEEP
24576:p3oNEzmAvVL+mBfewVAfcW5wfjhM72ekNhn:p3okFAqewVAfcWyfjhMyrNhn
Detects files protected with ACProtect software (matches for the `acprotect` YARA rule):
resource | yara_rule |
---|---|
static1/unpack001/data/mwace.dll | acprotect |
static1/unpack001/data/mwdds.dll | acprotect |
static1/unpack001/data/mwgfx.dll | acprotect |
static1/unpack001/data/mwgfx24.dll | acprotect |
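Files matching the `upx` YARA rule (UPX packer). The four data/*.dll files listed here also appear in the `acprotect` table above.
resource | yara_rule |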
---|---|
static1/unpack001/DXTBmp.exe | upx |
static1/unpack001/data/mwace.dll | upx |
static1/unpack001/data/mwdds.dll | upx |
static1/unpack001/data/mwgfx.dll | upx |
static1/unpack001/data/mwgfx24.dll | upx |
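Checks for a missing Authenticode signature. The files listed below carry no signature, so their publisher and integrity cannot be verified that way.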
resource |
---|
unpack001/DXTBmp.exe |
unpack001/data/mwace.dll |
unpack003/out.upx |
unpack001/data/mwdds.dll |
unpack001/data/mwgfx.dll |
unpack001/data/mwgfx24.dll |
unpack001/data/mwgfxcopy.exe |
unpack001/绿化.exe |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
_DebugHook
_ExceptionClass
__GetExceptDLLinfo
___CPPdebugHook
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
_AceCompress
_AceCompressAll
_AceDecompress
_AceInitLoad
_AceInitLoadData
_AceLoadBitmap
_AceLoadData
_AceToBmp
_AceToBmps
_AceToTga
_AceToTgaSquare
_BmpsToTga
_BmpsToTgaSquare
_CheckAce
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
BMPScompressBMP
BMPStoTGA
CreateThumbnail
DDStoTGA
DXTSetMipFilter
DXTSetMipSharpen
DXTcompress
DXTcompressACE
DXTcompressBMP
DXTcreateMIPS
Read_DDS
TGAcompressACE
TGAcompressBMP
TGAcompressDDS
TGAtoACE
TGAtoBMP
TGAtoBMPS
TGAtoDDS
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
@Read_JBIG$qpcp3Pic
@Write_JBIG$qpcp3Pic
@Write_JBIG_Stream$qp4FILEp3Pic
_CombineAlphaDXT1
_ExtractGIF
_FreeBitmapMemory
_LoadAsBitmap
_LoadAsDIB
_LoadAsDIB2
_MWCreateThumbnail
_MWGrabScreen
_MWGrabWindow
_MWOpenImageDialog
_MWOpenImageDialogEx
_MWOpenVideoDialog
_MWSetWallpaper
_Pic_Convert
_Pic_Copyright
_Pic_Count
_Pic_Crop
_Pic_Description
_Pic_Dither
_Pic_ExtValid
_Pic_Extension
_Pic_Extensions
_Pic_GetSaveFormat
_Pic_GetSaveFormats
_Pic_Pattern
_Pic_RGB24
_Pic_Read
_Pic_Read_Alpha
_Pic_Rotate
_Pic_Valid
_Pic_ValidExt
_Pic_Write
_ScanToClipboard
_ScanToFile
_SelectScanSource
_TargaCrop
_TargaFlip
_TargaFromACE
_TargaFromAny
_TargaFromCA
_TargaFromDDS
_TargaFromExtendedBitmap
_TargaFromPNG
_TargaFromTGP
_TargaFromTIF
_TargaGetMessage
_TargaJoin
_TargaMessage
_TargaResize
_TargaSplit
_TargaToACE
_TargaToCA
_TargaToDDS
_TargaToExtendedBitmap
_TargaToPNG
_TargaToTIF
_WinImageAdjust
_WinImageBrowse
_WinImageCopy
_WinImageCrop
_WinImagePrint
_WinImageScan
_WinImageShow
_WinImageSize
_WinSlideShow
_WinSlideShowSound
_WinVideoScreen
_WinVideoShow
_anyto256
_anytoalpha
_anytobmps
_anytogrey
_bmpcrop
_bmpinsert
_bmpmerge
_bmpprocess
_bmpremap
_bmpresize
_bmprocess
_bmprotate
_bmpsharpen
_bmptoanys
_checkbmp
_mwgfxver
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
@TWAIN_DS$qqsuluiuipv
_AdjustImage
_Copy_Image
_CropImage
_DebugHook
_ExceptionClass
_ICOtoBMP
_MWTScanToClipboard
_MWTScanToFile
_MWTSelectScanSource
_Pic_Browse
_Print_Preview
_Print_PreviewFull
_ShowImage
_Show_Video_Screen
_Show_Video_Window
_SizeImage
_SlideShowImages
_SlideShowImagesSound
_Twain_Acquire
_WMFtoBMP
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
CopyFileA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ