Overview

overview

7

Static

static

7

ע�...�).exe

windows7-x64

3

ע�...�).exe

windows10-2004-x64

3

ж�...60.exe

windows7-x64

5

ж�...60.exe

windows10-2004-x64

5

滻�...te.dll

windows7-x64

5

滻�...te.dll

windows10-2004-x64

5

滻�...IL.dll

windows7-x64

5

滻�...IL.dll

windows10-2004-x64

5

滻�...IL.dll

windows7-x64

5

滻�...IL.dll

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    449ea471131890b9006824c206497ab1_JaffaCakes118

  • Size

    2.7MB

  • MD5

    449ea471131890b9006824c206497ab1

  • SHA1

    d9fa73840e149c3df191b18594ff44d0b887ce8b

  • SHA256

    9f41088caab09274f60680555a67f7a88fdb69ec962f2d4b5860e46d50352701

  • SHA512

    745d3a99f3be9baa48a4d6a0f17397ce09b1cc7f4e349bf775cae7c02eb9c20a801899e51decea938027f0cb99cfe7ff7407232205ba9d4e9c0b9c18a6aeb245

  • SSDEEP

    49152:eXxbbLHyORSpkBH4F/2xvCufIFis3zAOZbuNpNpr8W5etyhWgSiuFaLlbooh9e:ehbbzRSpkBYF/2x3IFisTCNh8W5SyhWd

Score
7/10
upx

Malware Config

Signatures

  • ACProtect 1.3x - 1.4x DLL software 3 IoCs

    Detects file using ACProtect software.

  • UPX packed file 4 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 449ea471131890b9006824c206497ab1_JaffaCakes118
    .zip
  • ˵(ʹñض).txt
  • ע汾/ж(ע).exe
    .exe windows:4 windows x86 arch:x86

    429f539d86f0aef997381ae522ea4ab4


    Headers

    Imports

    Sections

  • 下载说明.htm
    .html .js polyglot
  • ж4060.exe
    .exe windows:4 windows x86 arch:x86

    d85e97d1b549ba6f26b7db0525e5bf91


    Headers

    Imports

    Sections

  • 滻ļ汾1/Calculate.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 滻ļ汾1/DevIL.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 滻ļ汾1/˵.txt
  • 滻ļ汾2/DevIL.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 滻ļ汾2/˵.txt