Overview

overview

7

Static

static

1

nolock/ajax.js

windows7-x64

3

nolock/ajax.js

windows10-2004-x64

3

nolock/block-ip.sh

ubuntu-18.04-amd64

1

nolock/block-ip.sh

debian-9-armhf

1

nolock/block-ip.sh

debian-9-mips

nolock/block-ip.sh

debian-9-mipsel

nolock/cp.jar

windows7-x64

1

nolock/cp.jar

windows10-2004-x64

7

nolock/data.jar

windows7-x64

1

nolock/data.jar

windows10-2004-x64

7

nolock/exp...01.vbs

windows7-x64

1

nolock/exp...01.vbs

windows10-2004-x64

1

nolock/exp...x.html

windows7-x64

1

nolock/exp...x.html

windows10-2004-x64

1

nolock/serial.jar

windows7-x64

1

nolock/serial.jar

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

Errors

Reason
zip: checksum error
Reason
zip: checksum error

General

  • Target

    07f3532e7388e244d0d1a4976c02d45e_JaffaCakes118

  • Size

    1.6MB

  • MD5

    07f3532e7388e244d0d1a4976c02d45e

  • SHA1

    99babdfb42d452e66b1ba0c81ea68c6900f0002a

  • SHA256

    3ffcc615cb17ae8f7d434b14d8e20fe549b1f74ba93461d039c932b565c0a295

  • SHA512

    3115840c2848546c28dfb06368d2e253329f9a5e16f8e12882d35581006a66eaef9daf170c7fa0604c706ca9236bfad224acfe8dbe205020465a02f44881f9c6

  • SSDEEP

    49152:zFRcCIBrupxlS/sPAxQUh6FZ7/w0MGXzRNfxdE7G5f1S0rzCsL1:zFRcCyRsP6QtFRKevpdGqfmw

Score
1/10

Malware Config

Signatures

Files

  • 07f3532e7388e244d0d1a4976c02d45e_JaffaCakes118
    .zip
  • ip-to-country.csv
  • nolock/CP-ENC-1633.php
  • nolock/CP-ENC-1993.php
  • nolock/CP-ENC-3754.php
  • nolock/CP-ENC-5364.php
  • nolock/CP-ENC-6236.php
  • nolock/CP-ENC-7274.php
  • nolock/CP-ENC-7531.php
  • nolock/README.txt
  • nolock/ajax.js
    .js
  • nolock/block-ip.sh
    .sh linux
  • nolock/control.php
  • nolock/cp.jar
    .jar
  • nolock/cryptor.php
    .js .pdf polyglot
  • nolock/data.jar
    .jar
  • nolock/exploits/001.ini
    .vbs
  • nolock/exploits/001.php
  • nolock/exploits/002.ini
  • nolock/exploits/002.php
  • nolock/exploits/003.ini
  • nolock/exploits/003.php
  • nolock/exploits/004.ini
  • nolock/exploits/004.php
  • nolock/exploits/005.ini
  • nolock/exploits/005.php
  • nolock/exploits/006.ini
  • nolock/exploits/006.php
  • nolock/exploits/007.ini
  • nolock/exploits/007.php
  • nolock/exploits/008.ini
  • nolock/exploits/008.php
  • nolock/exploits/009.ini
  • nolock/exploits/009.php
  • nolock/exploits/010.ini
  • nolock/exploits/010.php
  • nolock/exploits/011.ini
  • nolock/exploits/011.php
  • nolock/exploits/012.ini
  • nolock/exploits/012.php
  • nolock/exploits/013.ini
  • nolock/exploits/013.php
  • nolock/exploits/014.ini
  • nolock/exploits/014.php
  • nolock/exploits/index.html
  • nolock/happy.gif
    .gif
  • nolock/hcp.php
  • nolock/hcp.stuff.php
  • nolock/img/1.png
    .png
  • nolock/img/2.png
    .png
  • nolock/img/3.png
    .png
  • nolock/img/4.png
    .png
  • nolock/img/ajax-error.png
    .png
  • nolock/img/bad.png
    .png
  • nolock/img/bg.jpg
    .jpg
  • nolock/img/bgdark.jpg
  • nolock/img/blacklist.png
    .png
  • nolock/img/br.png
    .png
  • nolock/img/browsers.png
    .png
  • nolock/img/co.png
    .png
  • nolock/img/dot.png
    .png
  • nolock/img/el.png
    .png
  • nolock/img/good.png
    .png
  • nolock/img/in.png
    .png
  • nolock/img/loading.gif
    .gif
  • nolock/img/login.jpg
    .jpg
  • nolock/img/logo.png
    .png
  • nolock/img/os.png
    .png
  • nolock/img/ovs.png
    .png
  • nolock/img/re.png
    .png
  • nolock/img/se.png
    .png
  • nolock/img/style.css
  • nolock/img/tc.png
    .png
  • nolock/img/tco.png
    .png
  • nolock/img/wrn.png
    .png
  • nolock/index.php
  • nolock/install.php
  • nolock/ips.txt
  • nolock/java.php
  • nolock/load.php
  • nolock/pdf.php
  • nolock/robots.txt
  • nolock/serial.jar
    .jar
  • nolock/showflag.php
  • passwor daccess.txt
  • swateam.nfo