General
-
Target
17c4f589f5e3ca98889922b7323f9bde_JaffaCakes118
-
Size
638KB
-
MD5
17c4f589f5e3ca98889922b7323f9bde
-
SHA1
18b820633fab2205a52949905d5227f8ad952153
-
SHA256
28f610e14669736b87cd511b485e8113b8413f2646f7d8f0d3f41d3afdd618e3
-
SHA512
0e29d00ae332de9ed5fa70e09c63f51be0791800309f669b66b71b727dbd5cb98f02f87752b93f75e832185c77262340522aa26152dbe6dc4144c494ce70d9bf
-
SSDEEP
12288:kICBmHfasSmCmnI7Z+0az6w6CRze2t/e6DuGIbcetoo4n9sCc:klWfk3Z+Pz6qep6KGIcZxc
Score
8/10
Malware Config
Signatures
-
Patched UPX-packed file 1 IoCs
Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Files
-
17c4f589f5e3ca98889922b7323f9bde_JaffaCakes118
-
source/bot/checksum.c
-
source/bot/headers/checksum.h
-
source/bot/headers/includes.h
-
source/bot/headers/killer.h
-
source/bot/headers/rand.h
-
source/bot/headers/scanner.h
-
source/bot/headers/util.h
-
source/bot/headers/xor.h
-
source/bot/killer.c
-
source/bot/main.c
-
source/bot/rand.c
-
source/bot/scanner.c
-
source/bot/util.c
-
source/bot/xor.c
-
source/cnc/admin.txt
-
source/cnc/cnc.c
-
source/construct.sh
-
source/dlr/build.sh
-
source/dlr/main.c
-
source/loader/build.sh
-
source/loader/checker.py
-
source/loader/src/binary.c
-
source/loader/src/connection.c
-
source/loader/src/headers/binary.h
-
source/loader/src/headers/config.h
-
source/loader/src/headers/connection.h
-
source/loader/src/headers/includes.h
-
source/loader/src/headers/server.h
-
source/loader/src/headers/telnet_info.h
-
source/loader/src/headers/util.h
-
source/loader/src/main.c
-
source/loader/src/server.c
-
source/loader/src/telnet_info.c
-
source/loader/src/util.c
-
source/setup.txt
-
source/tools/scanListen.go
-
source/tools/scanner_enc.c
-
source/tools/table_enc.c
-
source/tools/upx