InstHookProc
UnInstHookProc
General
-
Target
3bfad05cfa278ae98216407e03b01bb8_JaffaCakes118
-
Size
1.0MB
-
MD5
3bfad05cfa278ae98216407e03b01bb8
-
SHA1
182ae9fabe7d265941185f84c61c0c0f5de02703
-
SHA256
7babc8dfb53bd1039370a045666963335096ef26831301d7d035a03140fb1844
-
SHA512
172df123d86b9bcf31a0093c3d167dd2156162f9b5ee7ce2e9a5ecba24fe9dce15d768868c85c1ca577e0c8b4a5b274b5049cccd4b9492089f74d1857db1f48f
-
SSDEEP
24576:eA/iGEntepKw9LA+J/NFckf0bhrlzHlET9bap3qTiyZz8WOCns1R9QN7x9ShB:BcnwKyL5X8tpzHOT9baETnptjnYm9G
Score
7/10
Malware Config
Signatures
-
ACProtect 1.3x - 1.4x DLL software 1 IoCs
Detects file using ACProtect software.
-
ASPack v2.12-2.42 3 IoCs
Detects executables packed with ASPack v2.12-2.42
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 4 IoCs
Checks for missing Authenticode signature.
Files
-
3bfad05cfa278ae98216407e03b01bb8_JaffaCakes118
-
920J传奇网.url
-
JSY.dll
Headers
Exports
Sections
-
Jsy.exe
Headers
Sections
-
WGSHELL.DLL
Headers
Exports
Sections
-
bmpinfo.bin
-
jsy.dat
Headers
Sections
-
mapinfo.bin
-
加速器下载.url
-
外挂下载.url
-
登陆器下载.url