General

  • Target

    07e02fd795a826e885344ad4a92955da_JaffaCakes118

  • Size

    840KB

  • MD5

    07e02fd795a826e885344ad4a92955da

  • SHA1

    c89404b1721210ca79729e43bb2e9d7c03af6585

  • SHA256

    b43b08fbcd52afaaf402e0260dfbd6828270af5789110df577792865247eb18d

  • SHA512

    b5d33efb43d51aa8754ff12dc4d7b5182e16ac2e711a3379e5ccc39d2e5206f14734dc20634991aad52de55a30c17aa6f4f741b6a75a0191c3e91b420ab492df

  • SSDEEP

    24576:0pA2asCm7GkXRTQW8XUCFMx8EwLk8tXIXe3i:UaPmKkfnCCSLbZIXe3i

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 07e02fd795a826e885344ad4a92955da_JaffaCakes118
    .rar
  • #faq.mdb
  • Aws.exe
    .exe windows:4 windows x86 arch:x86


  • admin_sz.asp
  • banquan.htm
    .html .js polyglot
  • bbs_admin.asp
    .vbs
  • bbs_admin_hf.asp
    .vbs
  • bbs_bj.asp
    .vbs
  • bbs_list.asp
    .vbs
  • bbs_sy.asp
  • bbs_tj.asp
    .vbs
  • bbs_type.asp
    .vbs
  • bbs_type_zl.asp
    .vbs
  • bbs_yt.asp
    .vbs
  • check.asp
    .vbs
  • conn.asp
    .vbs
  • cs.asp
  • faq.asp
    .vbs
  • filesc.asp
    .vbs
  • images/Ask.gif
    .gif
  • images/Back.gif
    .gif
  • images/Divider.gif
    .gif
  • images/Favorites.gif
    .gif
  • images/Forward.gif
    .gif
  • images/Home.gif
    .gif
  • images/Print.gif
    .gif
  • images/Topics.gif
    .gif
  • images/dashed.gif
    .gif
  • images/imgDivider.gif
    .gif
  • images/lltj.gif
    .jpg
  • images/logo.gif
    .gif
  • images/logo1.gif
    .gif
  • images/percent.GIF
  • images/yr_top_1000.gif
    .gif
  • images/yr_top_780.gif
    .gif
  • images/新云软件.url
    .url
  • index.asp
  • js.asp
    .js
  • publish.htm
    .html .js polyglot
  • style.css
  • tb_admin.asp
    .vbs
  • tb_dl.asp
    .vbs
  • tb_gl.asp
    .vbs
  • tb_js.asp
    .js
  • tb_sz.asp
  • tb_wjt.asp
    .js
  • tb_wjw.asp
    .vbs
  • tb_wt.asp
    .vbs
  • 运行此目录中的Aws.exe即可调试.txt