Overview

overview

8

Static

static

7

SF9辅助官网.url

windows7-x64

1

SF9辅助官网.url

windows10-2004-x64

1

官方网�...��.url

windows7-x64

1

官方网�...��.url

windows10-2004-x64

1

搜服九�...��.exe

windows7-x64

8

搜服九�...��.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0ab059c470222153f2c39504dab4cfb6_JaffaCakes118

  • Size

    8.4MB

  • MD5

    0ab059c470222153f2c39504dab4cfb6

  • SHA1

    c80e71f530298318886edd8b36aa77c61abeabb7

  • SHA256

    b9a875b75c1ca1ac2e2889fe844eb588e4e6c435675dcbec8f8da43acb3219b4

  • SHA512

    62c9df0c003199fa6426c781816d2a129068371eef00678605f53a4de6b31c76fc413dceead7ffde2706ae541936cabaddfec685a4eba99cbfd0ecbcdc3b30ec

  • SSDEEP

    196608:XipMGmNwXn7+aq+PBEzBrJvnPppTW9QEK1+2pvXYfF1isz/wE0:Xitd7QtlxPfWtK1+2pvXYfF1izE0

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 1 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 0ab059c470222153f2c39504dab4cfb6_JaffaCakes118
    .rar
  • SF9辅助官网.url
    .url
  • SKY/1.76调法.ini
  • SKY/不封速.ini
  • SKY/中变调法.ini
  • SKY/我的设置.ini
  • SKY/砍猪调法.ini
  • SKY/轻中变法师.ini
  • SKY/轻便调法.ini
  • SKY/近身过蓝.ini
  • 使用方法-用户必看.txt
  • 官方网站,视频教程.url
    .url
  • 搜服九輔助5.3免費版.exe
    .exe windows:4 windows x86 arch:x86

    8a22d4f1701bc7ab7c40023e80490111


    Headers

    Imports

    Sections

  • 游侠登录器开法.txt
  • 登录失败的用户请看.txt
  • 脚本/@会员回收案例.txt
  • 脚本/使用物品回收案例.txt
  • 脚本/土药挂机脚本.txt
  • 脚本/地图打宝师范脚本二.txt
  • 脚本/自动修复装备脚本.txt
  • 脚本/购买传送石脚本.txt
  • 脚本/购买药品脚本.txt
  • 脚本/购买随机石脚本.txt
  • 脚本/进地图示范脚本.txt