General

  • Target

    6ee37713470bc5c9e8044ffa0237b45f_JaffaCakes118

  • Size

    1.7MB

  • MD5

    6ee37713470bc5c9e8044ffa0237b45f

  • SHA1

    f0ebe5ea67dbd131ff090f32261c48c03990363b

  • SHA256

    6f7e4c91969d5295b52f3aa8e9c2205611cbc033423c66159b5c790cf1aeee0e

  • SHA512

    4d180a08534423659799e8e1dccdab4a81211c70f61e0e240923e5cbf85a128ec1372bde61bdb6e95248a25efd3908f6aac45c4bcdbff45c61d161b2bdaaec74

  • SSDEEP

    49152:hhft8gtmRDSYOFTIXtkS3DEJkFjmUuSSPeyFTL1YtU:PCgI5SH08Yj3uzhlYtU

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

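    Checks for a missing Authenticode signature. This is the only signature listed for the sample, and an unsigned PE is a weak indicator on its own because many legitimate binaries are also unsigned. The check does not evaluate the archive's other contents; the source and object files listed under Files are named after Windows native, service and network API functions, so the 3/10 score is best treated as a prompt for manual review, not a verdict.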

Files

  • 6ee37713470bc5c9e8044ffa0237b45f_JaffaCakes118
    .zip

    Password: infected

  • n00bkit/LDE32.OBJ
  • n00bkit/LIBCTINY.LIB
  • n00bkit/Release/config.obj
  • n00bkit/Release/config.res
  • n00bkit/Release/engine.obj
  • n00bkit/Release/enumservicegroupw.obj
  • n00bkit/Release/enumservicesstatusa.obj
  • n00bkit/Release/enumservicesstatusexa.obj
  • n00bkit/Release/enumservicesstatusexw.obj
  • n00bkit/Release/ldrinitializethunk.obj
  • n00bkit/Release/ldrloaddll.obj
  • n00bkit/Release/ldrunloaddll.obj
  • n00bkit/Release/lsalogonuser.obj
  • n00bkit/Release/misc.obj
  • n00bkit/Release/n00bkit.exe
    .exe windows:4 windows x86 arch:x86

    28b45f8f834f167a24ab64bd4ecf3a1d



  • n00bkit/Release/n00bkit.obj
  • n00bkit/Release/n00bkit.pch
  • n00bkit/Release/ntcreatefile.obj
  • n00bkit/Release/ntdeviceiocontrolfile.obj
  • n00bkit/Release/ntenumeratekey.obj
  • n00bkit/Release/ntenumeratevaluekey.obj
  • n00bkit/Release/ntopenfile.obj
  • n00bkit/Release/ntopenprocess.obj
  • n00bkit/Release/ntquerydirectoryfile.obj
  • n00bkit/Release/ntquerykey.obj
  • n00bkit/Release/ntquerysysteminformation.obj
  • n00bkit/Release/ntqueryvirtualmemory.obj
  • n00bkit/Release/ntqueryvolumeinformationfile.obj
  • n00bkit/Release/ntreadfile.obj
  • n00bkit/Release/ntreadvirtualmemory.obj
  • n00bkit/Release/ntresumethread.obj
  • n00bkit/Release/ntsavekey.obj
  • n00bkit/Release/ntsavemergedkeys.obj
  • n00bkit/Release/ntvdmcontrol.obj
  • n00bkit/Release/recv.obj
  • n00bkit/Release/regraw.obj
  • n00bkit/Release/safe.obj
  • n00bkit/Release/ssl_read.obj
  • n00bkit/Release/vc60.idb
  • n00bkit/Release/wnetuseconnectionw.obj
  • n00bkit/Release/wsarecv.obj
  • n00bkit/config.aps
  • n00bkit/config.c
  • n00bkit/config.h
  • n00bkit/config.rc
  • n00bkit/engine.c
  • n00bkit/engine.h
  • n00bkit/engine_backup.c
  • n00bkit/enumservicegroupw.c
  • n00bkit/enumservicegroupw.h
  • n00bkit/enumservicesstatusa.c
  • n00bkit/enumservicesstatusa.h
  • n00bkit/enumservicesstatusexa.c
  • n00bkit/enumservicesstatusexa.h
  • n00bkit/enumservicesstatusexw.c
  • n00bkit/enumservicesstatusexw.h
  • n00bkit/fileraw.h
  • n00bkit/ldrloaddll.c
  • n00bkit/ldrloaddll.h
  • n00bkit/ldrunloaddll.c
  • n00bkit/ldrunloaddll.h
  • n00bkit/lsalogonuser.c
  • n00bkit/lsalogonuser.h
  • n00bkit/misc.c
  • n00bkit/misc.h
  • n00bkit/n00bk1t.h
  • n00bkit/n00bk1t.txt
  • n00bkit/n00bkit.c
    .vbs
  • n00bkit/n00bkit.dsp
  • n00bkit/n00bkit.dsw
  • n00bkit/n00bkit.ncb
  • n00bkit/n00bkit.opt
  • n00bkit/n00bkit.plg
    .html
  • n00bkit/ntcreatefile.c
  • n00bkit/ntcreatefile.h
  • n00bkit/ntdeviceiocontrolfile.c
  • n00bkit/ntdeviceiocontrolfile.h
  • n00bkit/ntdll.h
  • n00bkit/ntdll.lib
  • n00bkit/ntenumeratekey.c
  • n00bkit/ntenumeratekey.h
  • n00bkit/ntenumeratevaluekey.c
  • n00bkit/ntenumeratevaluekey.h
  • n00bkit/ntopenfile.c
  • n00bkit/ntopenfile.h
  • n00bkit/ntopenprocess.c
  • n00bkit/ntopenprocess.h
  • n00bkit/ntquerydirectoryfile.c
  • n00bkit/ntquerydirectoryfile.h
  • n00bkit/ntquerysysteminformation.c
  • n00bkit/ntquerysysteminformation.h
  • n00bkit/ntqueryvirtualmemory.c
  • n00bkit/ntqueryvirtualmemory.h
  • n00bkit/ntqueryvolumeinformationfile.c
    .vbs
  • n00bkit/ntqueryvolumeinformationfile.h
  • n00bkit/ntreadfile.c
  • n00bkit/ntreadfile.h
  • n00bkit/ntreadvirtualmemory.c
  • n00bkit/ntreadvirtualmemory.h
  • n00bkit/ntresumethread.c
  • n00bkit/ntresumethread.h
  • n00bkit/ntsavekey.c
  • n00bkit/ntsavekey.h
  • n00bkit/ntsavemergedkeys.c
  • n00bkit/ntsavemergedkeys.h
  • n00bkit/ntstatus.h
  • n00bkit/ntvdmcontrol.c
  • n00bkit/ntvdmcontrol.h
  • n00bkit/randoma.h
  • n00bkit/randomam.lib
  • n00bkit/recv.c
  • n00bkit/recv.h
  • n00bkit/regraw.c
  • n00bkit/regraw.h
  • n00bkit/resource.h
  • n00bkit/safe.c
  • n00bkit/safe.h
  • n00bkit/ssl_read.c
  • n00bkit/ssl_read.h
  • n00bkit/wnetuseconnectionw.c
  • n00bkit/wnetuseconnectionw.h
  • n00bkit/wsarecv.c
  • n00bkit/wsarecv.h