Overview

overview

5

Static

static

5

星期八�...a4.exe

windows7-x64

3

星期八�...a4.exe

windows10-2004-x64

3

星期八�...TA.exe

windows7-x64

1

星期八�...TA.exe

windows10-2004-x64

3

星期八�...PX.exe

windows7-x64

5

星期八�...PX.exe

windows10-2004-x64

5

星期八�...id.dll

windows7-x64

3

星期八�...id.dll

windows10-2004-x64

3

星期八�...Ex.dll

windows7-x64

3

星期八�...Ex.dll

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4503ed59182a1703c7f8a847fb797fb7_JaffaCakes118

  • Size

    872KB

  • MD5

    4503ed59182a1703c7f8a847fb797fb7

  • SHA1

    2a01682e562d19021a574ac50612d6d42b77c54b

  • SHA256

    a5d2fdccf4a3c655466d59ec775e053be78c279db1e3fe26bce5641cde6690bc

  • SHA512

    c9171b3fd0eaa48f656f62c6f9ea59e761685b482db5938351a9b898fe9c6d59c57408cd7680f00b89bc17a5807fa8501c16d8b5259c06a885162855853ab21d

  • SSDEEP

    24576:IAb0oifRjpuC2Nx+ASb+Vu9FyITvAKf9nCbsP9:ItouRjpudNx+Pb5RUMCwP9

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • 4503ed59182a1703c7f8a847fb797fb7_JaffaCakes118
    .rar
  • 星期八专用远控内部第3版/2010_Beta4.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 星期八专用远控内部第3版/Config.ini
  • 星期八专用远控内部第3版/DATA/DATA.FILE
    .exe windows:0 windows x86 arch:x86


    Headers

    Sections

  • 星期八专用远控内部第3版/DATA/UPX.File
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 星期八专用远控内部第3版/QQWry.DAT
  • 星期八专用远控内部第3版/Rapid.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 星期八专用远控内部第3版/RapidEx.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections