Overview

overview

4

Static

static

3

Z-A-I-N/AutoColor.js

windows7-x64

3

Z-A-I-N/AutoColor.js

windows10-2004-x64

3

Z-A-I-N/Ne...uto.js

windows7-x64

3

Z-A-I-N/Ne...uto.js

windows10-2004-x64

3

Z-A-I-N/Ne...ask.js

windows7-x64

3

Z-A-I-N/Ne...ask.js

windows10-2004-x64

3

Z-A-I-N/Ne...ing.js

windows7-x64

3

Z-A-I-N/Ne...ing.js

windows10-2004-x64

3

Z-A-I-N/Ne...me.doc

windows7-x64

4

Z-A-I-N/Ne...me.doc

windows10-2004-x64

1

Z-A-I-N/Ne...lap.js

windows7-x64

3

Z-A-I-N/Ne...lap.js

windows10-2004-x64

3

Z-A-I-N/aK...es.ps1

windows7-x64

3

Z-A-I-N/aK...es.ps1

windows10-2004-x64

3

Z-A-I-N/acros.js

windows7-x64

3

Z-A-I-N/acros.js

windows10-2004-x64

3

Z-A-I-N/antispam.vbs

windows7-x64

1

Z-A-I-N/antispam.vbs

windows10-2004-x64

1

Z-A-I-N/dcx.dll

windows7-x64

1

Z-A-I-N/dcx.dll

windows10-2004-x64

1

Z-A-I-N/la...in.dll

windows7-x64

1

Z-A-I-N/la...in.dll

windows10-2004-x64

3

Z-A-I-N/la...in.dll

windows7-x64

1

Z-A-I-N/la...in.dll

windows10-2004-x64

3

Z-A-I-N/mR...RS.dll

windows7-x64

1

Z-A-I-N/mR...RS.dll

windows10-2004-x64

1

Z-A-I-N/mR...DX.dll

windows7-x64

1

Z-A-I-N/mR...DX.dll

windows10-2004-x64

1

Z-A-I-N/mR...in.dll

windows7-x64

1

Z-A-I-N/mR...in.dll

windows10-2004-x64

3

Z-A-I-N/mR...dio.js

windows7-x64

3

Z-A-I-N/mR...dio.js

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1bd1009893aaac3f94366d6951b642e5_JaffaCakes118

  • Size

    6.2MB

  • MD5

    1bd1009893aaac3f94366d6951b642e5

  • SHA1

    bf34420b0a04fcdc2e59111221c1555baa544e53

  • SHA256

    1c10a1afcc87f5084e145b0168d98788071613b0efb09381c405a0f7feb2fd06

  • SHA512

    934c5e50857ec3847419123161f1cc2b73531ac8e51a2ce6579beed1d9eafee228207922b942d5458d3d1a01028cb8fca6c683f4ff657982501e540e3e132bfd

  • SSDEEP

    196608:PLLNSHNiSTbppDF+N6C4DuxfPxYXrL8pxAg:DmiSpDF+Y9Kbxv

Score
3/10

Malware Config

Signatures

  • Unsigned PE 12 IoCs

    Checks for missing Authenticode signature.

Files

  • 1bd1009893aaac3f94366d6951b642e5_JaffaCakes118
    .rar
  • Z-A-I-N/Advertising.ini
  • Z-A-I-N/AutoColor
    .js
  • Z-A-I-N/BLackList.ini
  • Z-A-I-N/BanPro.ini
  • Z-A-I-N/Blocked.ini
  • Z-A-I-N/CloneScan.ini
  • Z-A-I-N/CooLNick.ini
  • Z-A-I-N/Ctcp.ini
  • Z-A-I-N/DALnet.ini
  • Z-A-I-N/DetectorCLone.ini
  • Z-A-I-N/Filter.ini
  • Z-A-I-N/Flood.ini
  • Z-A-I-N/Flood2.ini
  • Z-A-I-N/Found.txt
  • Z-A-I-N/FunNick.ini
  • Z-A-I-N/GuestKick.ini
  • Z-A-I-N/IRCopScan.ini
  • Z-A-I-N/InviteingKick.ini
  • Z-A-I-N/JoinFlood.ini
  • Z-A-I-N/New Folder/SockScanner.mrc
  • Z-A-I-N/New Folder/auto.op
  • Z-A-I-N/New Folder/auto.sys
    .js
  • Z-A-I-N/New Folder/blue.nnt
  • Z-A-I-N/New Folder/cs_ask.mrc
    .js
  • Z-A-I-N/New Folder/ping.mrc
    .js
  • Z-A-I-N/New Folder/readme.doc
    .doc windows office2003
  • Z-A-I-N/New Folder/slap-readme.txt
  • Z-A-I-N/New Folder/slap.ini
  • Z-A-I-N/New Folder/slap.mrc
    .js
  • Z-A-I-N/OpenProxy.ini
  • Z-A-I-N/PhonesKick.ini
  • Z-A-I-N/Power.jpg
    .jpg
  • Z-A-I-N/ProxyCatcher.mrc
  • Z-A-I-N/READ-ME.txt
  • Z-A-I-N/Seendata.hsh
  • Z-A-I-N/ShowOpv.ini
  • Z-A-I-N/Start.ini
  • Z-A-I-N/SwearKick.ini
  • Z-A-I-N/Thumbs.db
  • Z-A-I-N/UnBan.ini
  • Z-A-I-N/aKickCLones.ini
    .ps1
  • Z-A-I-N/acros readme.txt
  • Z-A-I-N/acros.hsh
  • Z-A-I-N/acros.mrc
    .js
  • Z-A-I-N/aliases.ini
  • Z-A-I-N/antispam.ini
  • Z-A-I-N/antispam.mrc
    .vbs
  • Z-A-I-N/autoLmits.ini
  • Z-A-I-N/autogreet.welcome
  • Z-A-I-N/away.mrc
  • Z-A-I-N/channels/IspMania.txt
  • Z-A-I-N/channels/Mazaonline.txt
  • Z-A-I-N/channels/Point4Fun.txt
  • Z-A-I-N/channels/Tafreeh.txt
  • Z-A-I-N/control.ini
  • Z-A-I-N/dcx.dll
    .dll windows:4 windows x86 arch:x86

    1e6b376da15ce6f218a7a2a9e806ceae


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/exclude
  • Z-A-I-N/ini/users.ini
  • Z-A-I-N/ircintro.hlp
  • Z-A-I-N/kbp.mrc
  • Z-A-I-N/kickmsg.txt
  • Z-A-I-N/killmsg.txt
  • Z-A-I-N/lagbar/desktop.ini
  • Z-A-I-N/lagbar/lagbar.ini
  • Z-A-I-N/lagbar/lagbar/desktop.ini
  • Z-A-I-N/lagbar/lagbar/lagbar.ini
  • Z-A-I-N/lagbar/lagbar/readme-lagbar.txt
  • Z-A-I-N/lagbar/lagbar/tbwin.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Z-A-I-N/lagbar/tbwin.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Z-A-I-N/logs/status.log
  • Z-A-I-N/mRadio/BARS.MDX
    .dll windows:4 windows x86 arch:x86

    99eee5c933b3e274b3f9aa164c57762c


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mRadio/MDX.DLL
    .dll windows:4 windows x86 arch:x86

    34b86dab5c0b41a24220fe3732aef3a1


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mRadio/amp_in.dll
    .dll windows:4 windows x86 arch:x86

    31a78ca4c5719a55b0d6e9a65fd44551


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mRadio/mradio.ini
  • Z-A-I-N/mRadio/mradio.mrc
    .js
  • Z-A-I-N/mRadio/mradio_readme.txt
  • Z-A-I-N/mRadio/views.mdx
    .dll windows:4 windows x86 arch:x86

    07056cc36c129798d605c78512f748e3


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mirc.hlp
  • Z-A-I-N/mirc.ini
  • Z-A-I-N/mp3.mrc
  • Z-A-I-N/mp3console/MDX/MDX.DLL
    .dll windows:4 windows x86 arch:x86

    34b86dab5c0b41a24220fe3732aef3a1


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mp3console/MDX/bars.mdx
    .dll windows:4 windows x86 arch:x86

    99eee5c933b3e274b3f9aa164c57762c


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mp3console/MDX/ctl_gen.mdx
    .dll windows:4 windows x86 arch:x86

    36f31ad565ef7d1c14a9e5b079ac75ff


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mp3console/MDX/views.mdx
    .dll windows:4 windows x86 arch:x86

    07056cc36c129798d605c78512f748e3


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mp3console/Popups/POPUPS.DLL
    .dll windows:4 windows x86 arch:x86

    3a10814cb4c1ecb8f052f0ca2be9a655


    Headers

    Imports

    Exports

    Sections

  • Z-A-I-N/mp3console/mp3.ini
  • Z-A-I-N/mp3console/mp3.mrc
    .js
  • Z-A-I-N/mp3console/mp3f.ml
  • Z-A-I-N/mp3console/mp3i.ml
  • Z-A-I-N/nick/nc_help.txt
  • Z-A-I-N/nick/nc_styles.txt
  • Z-A-I-N/nick/nc_system.mrc
  • Z-A-I-N/perform.ini
  • Z-A-I-N/phlare_2k/Thumbs.db
  • Z-A-I-N/phlare_2k/background.jpg
    .jpg
  • Z-A-I-N/phlare_2k/background1.jpg
    .jpg
  • Z-A-I-N/phlare_2k/buttons.bmp
  • Z-A-I-N/phlare_2k/channel.jpg
    .jpg
  • Z-A-I-N/phlare_2k/message.jpg
    .jpg
  • Z-A-I-N/phlare_2k/phlare2k.skn
    .js
  • Z-A-I-N/phlare_2k/readme.txt
  • Z-A-I-N/phlare_2k/status.jpg
    .jpg
  • Z-A-I-N/phlare_2k/switchbar.jpg
    .jpg
  • Z-A-I-N/phlare_2k/toolbar.jpg
    .jpg
  • Z-A-I-N/phlare_2k/window.jpg
    .jpg
  • Z-A-I-N/popups.ini
  • Z-A-I-N/readme.txt
  • Z-A-I-N/readme1.txt
  • Z-A-I-N/remote.ini
  • Z-A-I-N/reply
  • Z-A-I-N/script1.ini
  • Z-A-I-N/securequery/logs.ini
  • Z-A-I-N/securequery/names.txt
  • Z-A-I-N/seen.mrc
    .js
  • Z-A-I-N/servers.ini
  • Z-A-I-N/slaps.dat
  • Z-A-I-N/slaps.mrc
    .js
  • Z-A-I-N/sounds/11.wav
  • Z-A-I-N/sounds/12.wav
  • Z-A-I-N/sounds/6.wav
  • Z-A-I-N/sounds/7.wav
  • Z-A-I-N/sounds/8.wav
  • Z-A-I-N/sounds/9.wav
  • Z-A-I-N/sounds/Chat.wav
  • Z-A-I-N/sounds/ConAborted.wav
  • Z-A-I-N/sounds/Msg.wav
  • Z-A-I-N/sounds/Notice.wav
  • Z-A-I-N/sounds/Notify.WAV
  • Z-A-I-N/sounds/Start.wav
  • Z-A-I-N/sounds/alarm.wav
  • Z-A-I-N/sounds/away.wav
  • Z-A-I-N/sounds/close.wav
  • Z-A-I-N/sounds/deop.wav
  • Z-A-I-N/sounds/failed.wav
  • Z-A-I-N/sounds/ignore.wav
  • Z-A-I-N/sounds/input.WAV
  • Z-A-I-N/sounds/inviter.wav
  • Z-A-I-N/sounds/kick.wav
  • Z-A-I-N/sounds/slap.wav
  • Z-A-I-N/swearkick.txt
  • Z-A-I-N/thank.you
  • Z-A-I-N/traceip.mrc
    .js
  • Z-A-I-N/urls.ini
  • Z-A-I-N/versions.txt