Overview

overview

8

Static

static

7

Gualib.dll

windows7-x64

3

Gualib.dll

windows10-2004-x64

3

zip.dll

windows7-x64

3

zip.dll

windows10-2004-x64

3

�....3.exe

windows7-x64

7

�....3.exe

windows10-2004-x64

7

�...��.exe

windows7-x64

7

�...��.exe

windows10-2004-x64

7

�...��.exe

windows7-x64

8

�...��.exe

windows10-2004-x64

8

�...ss.dll

windows7-x64

3

�...ss.dll

windows10-2004-x64

3

�....0.exe

windows7-x64

7

�....0.exe

windows10-2004-x64

7

һ�...��.exe

windows7-x64

7

һ�...��.exe

windows10-2004-x64

7

�...��.url

windows7-x64

1

�...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    25b000ca5347cc7b82250382f6611bff_JaffaCakes118

  • Size

    23.3MB

  • MD5

    25b000ca5347cc7b82250382f6611bff

  • SHA1

    6db41d767474f450f7602420ab36642b75c5e83e

  • SHA256

    de56e692972c37c8e33f8d1981843bbfcf8d50a60b645f3667db77c6a882187f

  • SHA512

    bfc1b389dd64ba05d7849e8ad25138764de57fe0f5d72cf9ef426d0ecc35e4156fd1341f6a3209b235952dba264b784194a0d1c82649e4490ac7894f16154c0a

  • SSDEEP

    393216:XOcAMGTcF0rXsnR4bdXMY0RG2ZXJXxWOgng79K8OiveUQulpfJ2:e9dYR4bdheGiZxgngU8tt38

Score
7/10
vmprotect

Malware Config

Signatures

  • VMProtect packed file 4 IoCs

    Detects executables packed with VMProtect commercial packer.

    vmprotect
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 25b000ca5347cc7b82250382f6611bff_JaffaCakes118
    .zip
  • Gualib.dll
    .dll windows:5 windows x86 arch:x86

    a4821deaa78bee29c60aea26923585b2


    Headers

    Imports

    Exports

    Sections

  • updata/updata.zip
    .zip
  • data/ChrSel.WIX
  • data/ChrSel.wil
  • zip.dll
    .dll windows:5 windows x86 arch:x86

    223080e5efcd152f98f298fd811d7f39


    Headers

    Imports

    Exports

    Sections

  • ʹ˵.txt
  • o߃հ1.5.3.exe
    .exe windows:5 windows x86 arch:x86

    0f5d91ee227edf833f8d662fe55bdc70


    Headers

    Imports

    Sections

  • .exe
    .exe windows:4 windows x86 arch:x86

    32c3bed95a05e5b2cbc3e3d7e59f4915


    Headers

    Imports

    Sections

  • ༭ʹ˵.txt
  • ͨñ.exe
    .exe windows:5 windows x86 arch:x86

    37b3466a0fedc3c27e0b1b98ec181d55


    Headers

    Imports

    Sections

  • ͨöҩű/aupdata/data02.zip
    .zip
  • data/GamePlan.WIX
  • data/GamePlan.Wil
  • data/NewopUI.WIX
  • data/NewopUI.Wil
  • ͨöҩű/zipclass.dll
    .dll windows:5 windows x86 arch:x86

    223080e5efcd152f98f298fd811d7f39


    Headers

    Imports

    Exports

    Sections

  • ͨöҩű/ʹ÷.txt
  • ͨöҩű/ͨöҩű1.0.exe
    .exe windows:5 windows x86 arch:x86

    2a0ee93a15fab53e95debd72110d0e50


    Headers

    Imports

    Sections

  • һű༭.exe
    .exe windows:5 windows x86 arch:x86

    1ab64df09afc35e5ff57a5a5556fc195


    Headers

    Imports

    Sections

  • Ϸ.txt
  • Ϸ.url
    .url