Overview

overview

6

Static

static

3

ym_vb-waig...cn.url

windows7-x64

6

ym_vb-waig...cn.url

windows10-2004-x64

3

ym_vb-waig...m1.vbs

windows7-x64

1

ym_vb-waig...m1.vbs

windows10-2004-x64

1

ym_vb-waig...SM.vbs

windows7-x64

1

ym_vb-waig...SM.vbs

windows10-2004-x64

1

ym_vb-waig...PI.vbs

windows7-x64

1

ym_vb-waig...PI.vbs

windows10-2004-x64

1

ym_vb-waig...fo.vbs

windows7-x64

1

ym_vb-waig...fo.vbs

windows10-2004-x64

1

ym_vb-waig...m1.vbs

windows7-x64

1

ym_vb-waig...m1.vbs

windows10-2004-x64

1

ym_vb-waig...SM.vbs

windows7-x64

1

ym_vb-waig...SM.vbs

windows10-2004-x64

1

ym_vb-waig...20.exe

windows7-x64

3

ym_vb-waig...20.exe

windows10-2004-x64

3

ym_vb-waig...PI.vbs

windows7-x64

1

ym_vb-waig...PI.vbs

windows10-2004-x64

1

ym_vb-waig...��.url

windows7-x64

1

ym_vb-waig...��.url

windows10-2004-x64

1

ym_vb-waig...��.htm

windows7-x64

3

ym_vb-waig...��.htm

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    117869f7746637ebee0d97c7b93b8859_JaffaCakes118

  • Size

    82KB

  • MD5

    117869f7746637ebee0d97c7b93b8859

  • SHA1

    eb42b122fcf16ec3e41a44cac84a0d5691808626

  • SHA256

    0863eb350de6be48aa136ce5b24165c02317222eee11f10bb5aec48bc91aab88

  • SHA512

    90b479d8979dcc9b6b176ea772b611a41582d9fc525424aab721846b99091947fc3c6254653461f00eca8e764b0473f05091ad4276a517193af057931dafbc11

  • SSDEEP

    1536:jZvF0vY3ysrIq9AY5lFyWD+oeRmXtc2mkkhe8krM1YbT9pbVTn59uVixHjeb4cYm:jZvFkY3yU3AY5jyWD+oeRmXmxkkh6aYi

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 117869f7746637ebee0d97c7b93b8859_JaffaCakes118
    .rar
  • ym_vb-waiguasrc/HiCode.cn.url
    .url
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/Form1.frm
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/Form1.frx
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/clsASM.cls
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/frmProcess.frm
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/mdlAPI.bas
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/mdlDec.bas
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/mdlSubCall.bas
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/mdlSubInfo.bas
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/sc.ico
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/sms.wav
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/tlbbcall.vbp
  • ym_vb-waiguasrc/hicode/外挂样板/打怪挂/tlbbcall.vbw
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/Form1.frm
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/Form1.frx
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/clsASM.cls
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/frmProcess.frm
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/gather0520.exe
    .exe windows:4 windows x86 arch:x86

    a2dc09fa9826202288cb65feb2ffb6e4


    Headers

    Imports

    Sections

  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/mdlAPI.bas
    .vbs
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/mdlDec.bas
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/mdlSubCall.bas
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/mdlSubInfo.bas
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/pt.txt
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/tlbbcall.vbp
  • ym_vb-waiguasrc/hicode/外挂样板/采集挂/tlbbcall.vbw
  • ym_vb-waiguasrc/股票分析.url
    .url
  • ym_vb-waiguasrc/请先读我.htm
    .html