General

  • Target

    1bcb1201bb940ce05b24aba8317b5a8b_JaffaCakes118

  • Size

    563KB

  • MD5

    1bcb1201bb940ce05b24aba8317b5a8b

  • SHA1

    2d9b1e31dac9f33c8c7ec0aa777db548abed1e40

  • SHA256

    bed75a2f2b09e6a0f0e009a8ad4ce54324f5389bc86d968a68440e743e9d88e4

  • SHA512

    0f1efd2e81e16abb0ddb947d0009f489d5e3594469a0bfad2c2d18883af2a95f8ad570424bcd1d2b508e3f6c2f725a58e4cf99945345fca48636d1e78f3c2de2

  • SSDEEP

    12288:jB0TRs0/rsAR+X8zJzuB3IyLj74yehOv7Jt+T39nskWYQieWP:jBcOAJ+3IQj7fMOjJgj9nbWYBdP

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 1bcb1201bb940ce05b24aba8317b5a8b_JaffaCakes118
    .rar
  • FTPNow/FTPNow.exe
    .exe windows:4 windows x86 arch:x86



  • FTPNow/ftpnow26.chm
    .chm
  • FTPNow/heading_ss.gif
    .gif
  • FTPNow/mfc42.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    f9a6d48b4db89541699313524a5cdd4a



  • FTPNow/sites.xml
    .xml
  • FTPNow/新云软件.url
    .url