Overview

overview

8

Static

static

7

Azags VBS....ix.vbs

windows7-x64

1

Azags VBS....ix.vbs

windows10-2004-x64

1

I-Worm Sar...th.exe

windows7-x64

4

I-Worm Sar...th.exe

windows10-2004-x64

4

mbh.exe

windows7-x64

8

mbh.exe

windows10-2004-x64

8

MBH.exe

windows7-x64

1

MBH.exe

windows10-2004-x64

1

MBH.exe

windows7-x64

1

MBH.exe

windows10-2004-x64

1

killbill2.exe

windows7-x64

7

killbill2.exe

windows10-2004-x64

7

mbh2.exe

windows7-x64

1

mbh2.exe

windows10-2004-x64

1

mbhz/mbhz.exe

windows7-x64

8

mbhz/mbhz.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    2740f1cfa443d89e721387dcc1a72158_JaffaCakes118

  • Size

    911KB

  • MD5

    2740f1cfa443d89e721387dcc1a72158

  • SHA1

    366a888b3b9d1d13e529b0c309acdfad6043c144

  • SHA256

    ceabfafe0697e5060e7bbaa714248382b863739c08579bf9e9fe5862aa44fe85

  • SHA512

    c72091a419db18a09c804a65d5b01912839d99e1bf25178f9e8b68a4b7e68c79f5611094597729a51a90e5b6fd296d0e729cbed6b2ffc95801aec686d430715d

  • SSDEEP

    24576:QUNsNbenhyl2L8piOKgA+Zyf0GbjOSZZ6WyWzOl:QUsNbene2L8pO8yf0GG9WhOl

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 8 IoCs

    Checks for missing Authenticode signature.

Files

  • 2740f1cfa443d89e721387dcc1a72158_JaffaCakes118
    .zip
  • azag vx collection 2/READ ME FIRST (Terms of Agreement).txt
  • azag vx collection 2/azag_vx_coll2/(I-Worm.Thonic.a) aka- NamelessMist.zip
  • azag vx collection 2/azag_vx_coll2/(MS-DOS Virus by Azag) DUMBFUCK.zip
  • azag vx collection 2/azag_vx_coll2/(VX by Azag) W32.CompUSAsux.zip
  • azag vx collection 2/azag_vx_coll2/Azags VBS.Ickly.a.zip
  • azag vx collection 2/azag_vx_coll2/Azags VBS.Ilicky.b.zip
  • azag vx collection 2/azag_vx_coll2/Azags VBS.Ilicky.c.fix.zip
    .zip
  • Azags VBS.Ilicky.c.fix.vbs
    .vbs
  • azag vx collection 2/azag_vx_coll2/I-Worm Sarnoth n (SWF hide version by Azag).zip
    .zip
  • I-Worm Sarnoth by Azag on MAY2004/Sarnoth.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.MBH by Azag.zip
    .zip
  • mbh.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.MBH.CERNKILL Final SE ( by Azag).zip
    .zip
  • MBH.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.MBH.Final by Azag.zip
    .zip
  • MBH.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • killbill2.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.MBH2 by Azag.zip
    .zip
  • mbh2.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.MBHz by Azag.zip
    .zip
  • mbhz/mbhz.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • azag vx collection 2/azag_vx_coll2/I-Worm.SarnothSE (Hidden).zip
    .zip
  • azag vx collection 2/azag_vx_coll2/I-Worm.SasserPatcher by Azag.zip
    .zip
  • azag vx collection 2/azag_vx_coll2/I-Worm.Sloppy2nds by Azag.zip
    .zip
  • azag vx collection 2/azag_vx_coll2/I-Worm.Thonic.c (maybe not detected yet).zip
    .zip
  • azag vx collection 2/azag_vx_coll2/I-Worm.Thonic99 (by AzagTH0TH).zip
    .zip
  • azag vx collection 2/azag_vx_coll2/MacroVirus.SuicidalTndeCz by Azag.zip
    .zip
  • azag vx collection 2/azag_vx_coll2/URAVARU.zip
    .zip
  • azag vx collection 2/azag_vx_coll2/VBS.SleepyPc (by Azag).zip
    .zip
  • azag vx collection 2/azag_vx_coll2/W32.AzagChaos101 (NO DETECT --Note IO ERROR HELL).zip
    .zip
  • azag vx collection 2/azagvxcoll2.jpg
    .jpg
  • .txt