Overview

overview

6

Static

static

3

qqkeybord/...on.exe

windows7-x64

3

qqkeybord/...on.exe

windows10-2004-x64

3

qqkeybord/...nd.exe

windows7-x64

3

qqkeybord/...nd.exe

windows10-2004-x64

3

qqkeybord/...ok.dll

windows7-x64

3

qqkeybord/...ok.dll

windows10-2004-x64

3

qqkeybord/...py.exe

windows7-x64

6

qqkeybord/...py.exe

windows10-2004-x64

6

qqkeybord/...��.htm

windows7-x64

3

qqkeybord/...��.htm

windows10-2004-x64

3

qqkeybord/...��.url

windows7-x64

1

qqkeybord/...��.url

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    4174c7e39f537ad0fa05c03953f5f349_JaffaCakes118

  • Size

    828KB

  • MD5

    4174c7e39f537ad0fa05c03953f5f349

  • SHA1

    7cf7233e9679c196c4b9a3c9f1194fb717024d82

  • SHA256

    7b6500f4d631017668437b2801d4d197f4e2c57e60b42c18307cde72ca0fe35c

  • SHA512

    1dc1bf9f924eab8360296fcb3b17e8dea29ea4735e0e176c9e632a3cb6e2466612032142e837d8fcb6217a78594617e75327f3890a184d73d2d660372def5237

  • SSDEEP

    24576:MwnTfks82QNOrw3dOC12jw+5bh6jr9Fnmx6+sEyqwJ:Muo0/iL1Kw+5Ej/wJsEK

Score
3/10

Malware Config

Signatures

  • Unsigned PE 4 IoCs

    Checks for missing Authenticode signature.

Files

  • 4174c7e39f537ad0fa05c03953f5f349_JaffaCakes118
    .rar
  • qqkeybord/qqkeybord/Deamon.exe
    .exe windows:4 windows x86 arch:x86

    577a4a145a6e4b6747f79f0aa0ea7fa7


    Headers

    Imports

    Sections

  • qqkeybord/qqkeybord/Defend.dll
    .exe windows:4 windows x86 arch:x86

    6db9210c5a55bf71cfbe36b9122b6ed3


    Headers

    Imports

    Sections

  • qqkeybord/qqkeybord/Hook.dll
    .dll windows:4 windows x86 arch:x86

    3bbca40e43525864292083bef6280824


    Headers

    Imports

    Exports

    Sections

  • qqkeybord/qqkeybord/KeyboardSpy.exe
    .exe windows:4 windows x86 arch:x86

    957af2ee631070ecbb78050bd103b5c8


    Headers

    Imports

    Sections

  • qqkeybord/qqkeybord/KeyboardSpy.txt
  • qqkeybord/下载说明.htm
    .html
  • qqkeybord/飘down精品软件.url
    .url