General

  • Target

    309ed9cb4475dcb4a24401fc99fa5e02_JaffaCakes118

  • Size

    383KB

  • MD5

    309ed9cb4475dcb4a24401fc99fa5e02

  • SHA1

    1dba2236fa43746b3375e67a5c849f15f312c528

  • SHA256

    9a731c5ae37fe71a308ccc0f7d4ba063fe16d5d2ca222c504f4d820d925cded7

  • SHA512

    5df7bae728a98fa7a76337af15369b3b35b67b8ea69bf5c7349a450bb7dc9a1647de75fb7827dc1605b22b1f8d29cd8c8212619a828db60d59c1b1384037f9d0

  • SSDEEP

    6144:2zPvwpL96nzlj2jouPnbptBye267iPS8wRordyrIpLB5Zv4SuBPBsSIFhrEJ1Ew/:2zPo2IJ/4etmPHfdyrIpLGFBMFhY4whJ

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 1 IoCs

    Detects file using ACProtect software.

  • UPX packed file 2 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 3 IoCs

    Checks for missing Authenticode signature.

Files

  • 309ed9cb4475dcb4a24401fc99fa5e02_JaffaCakes118
    .zip
  • QQMoTiandl/QQMoTiandl.exe
    .exe windows:4 windows x86 arch:x86
  • out.upx
    .exe windows:4 windows x86 arch:x86
  • QQMoTiandl/SkinH_VB6.dll
    .dll windows:4 windows x86 arch:x86
  • QQMoTiandl/uzzfɫ.url
  • QQMoTiandl/uzzf.txt
  • QQMoTiandl/ĵ.txt
  • QQMoTiandl/ɱ.txt
  • QQMoTiandl/ .txt