Behavioral tasks

Task | Sample | Resource
behavioral1 | BogoGbook/Admin/About.asp | win7-20240708-en
behavioral2 | BogoGbook/Admin/About.asp | win10v2004-20240709-en
behavioral3 | BogoGbook/Admin/AdminSignInChk.vbs | win7-20240704-en
behavioral4 | BogoGbook/Admin/AdminSignInChk.vbs | win10v2004-20240709-en
behavioral5 | BogoGbook/Admin/AdminUser.vbs | win7-20240708-en
behavioral6 | BogoGbook/Admin/AdminUser.vbs | win10v2004-20240709-en
behavioral7 | BogoGbook/Admin/AdminUserDo.vbs | win7-20240704-en
behavioral8 | BogoGbook/Admin/AdminUserDo.vbs | win10v2004-20240709-en
behavioral9 | BogoGbook/Admin/AdminUserPassMod.asp | win7-20240708-en
behavioral10 | BogoGbook/Admin/AdminUserPassMod.asp | win10v2004-20240709-en
behavioral11 | BogoGbook/Admin/AdminUserPassSave.vbs | win7-20240705-en
behavioral12 | BogoGbook/Admin/AdminUserPassSave.vbs | win10v2004-20240704-en
behavioral13 | BogoGbook/Admin/BBSMsgDel.vbs | win7-20240704-en
behavioral14 | BogoGbook/Admin/BBSMsgDel.vbs | win10v2004-20240709-en
behavioral15 | BogoGbook/Admin/BBSmsg.vbs | win7-20240705-en
behavioral16 | BogoGbook/Admin/BBSmsg.vbs | win10v2004-20240709-en
behavioral17 | BogoGbook/Admin/Index.asp | win7-20240704-en
behavioral18 | BogoGbook/Admin/Index.asp | win10v2004-20240709-en
behavioral19 | BogoGbook/Admin/IndexTop.asp | win7-20240704-en
behavioral20 | BogoGbook/Admin/IndexTop.asp | win10v2004-20240709-en
behavioral21 | BogoGbook/Admin/IsSignIN.asp | win7-20240704-en
behavioral22 | BogoGbook/Admin/IsSignIN.asp | win10v2004-20240709-en
behavioral23 | BogoGbook/Admin/IsSignOut.asp | win7-20240708-en
behavioral24 | BogoGbook/Admin/IsSignOut.asp | win10v2004-20240709-en
behavioral25 | BogoGbook/Admin/conn.vbs | win7-20240705-en
behavioral26 | BogoGbook/Admin/conn.vbs | win10v2004-20240709-en
behavioral27 | BogoGbook/Admin/setup.asp | win7-20240708-en
behavioral28 | BogoGbook/Admin/setup.asp | win10v2004-20240709-en
behavioral29 | BogoGbook/Conn.vbs | win7-20240704-en
behavioral30 | BogoGbook/Conn.vbs | win10v2004-20240709-en
behavioral31 | BogoGbook/Gbook_Do.vbs | win7-20240705-en
behavioral32 | BogoGbook/Gbook_Do.vbs | win10v2004-20240709-en
General
Target: 43dbd5e1b0f82b8efd18d94adc56f060_JaffaCakes118
Size: 1.1MB
MD5: 43dbd5e1b0f82b8efd18d94adc56f060
SHA1: d7b2acf990e748da457ffaabf9d4eb34ea166d18
SHA256: 354b55c25110ec12db722bffc936ba93b4a3200c9c399a6f46a8bbfcbe8715c9
SHA512: c1051bb258adde1e7a85db2ef718666600d224d4dc2ab81942a9211051568c2810b9580877245a95d4ba99a48d96cbf35cf733d616080ad0bae26172b37896b0
SSDEEP: 24576:BEH86tI2aHh07FMjGtT+W82UOFxyD2mY8S1RYm6L4rv3eqaeja:+HJtdaB0pMjGtwOrMYt12srv31aee
Malware Config
Signatures
yara_rule: aspack_v212_v242
resource: static1/unpack001/BogoGbook/NBhtmL.com专用代码调试工具.exe
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: unpack001/BogoGbook/NBhtmL.com专用代码调试工具.exe
Files
43dbd5e1b0f82b8efd18d94adc56f060_JaffaCakes118.rar
BogoGbook/Admin/About.asp
BogoGbook/Admin/AdminSignInChk.asp.vbs
BogoGbook/Admin/AdminUser.asp.vbs
BogoGbook/Admin/AdminUserDo.asp.vbs
BogoGbook/Admin/AdminUserPassMod.asp
BogoGbook/Admin/AdminUserPassSave.asp.vbs
BogoGbook/Admin/BBSMsgDel.asp.vbs
BogoGbook/Admin/BBSmsg.asp.vbs
BogoGbook/Admin/Index.asp
BogoGbook/Admin/IndexTop.asp
BogoGbook/Admin/IsSignIN.asp
BogoGbook/Admin/IsSignOut.asp
BogoGbook/Admin/Login.asp.html .js polyglot
BogoGbook/Admin/conn.asp.vbs
BogoGbook/Admin/setup.asp
BogoGbook/Conn.asp.vbs
BogoGbook/Database/bogo.org.cn.guestbook.mdb
BogoGbook/Gbook_Do.asp.vbs
BogoGbook/NBhtmL.com专用代码调试工具.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Sections
test Size: 391KB - Virtual size: 988KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
data Size: 241KB - Virtual size: 628KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 8KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 12KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.aspack Size: 11KB - Virtual size: 12KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
    IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
BogoGbook/css/css.css
BogoGbook/images/AK_Add.gif.gif
BogoGbook/images/ads03.gif.gif
BogoGbook/images/ads_right.gif.gif
BogoGbook/images/ads_right.png.png
BogoGbook/images/b_foot.gif.gif
BogoGbook/images/b_mid.gif.gif
BogoGbook/images/b_top.gif.gif
BogoGbook/images/b_top_about.gif.gif
BogoGbook/images/b_top_book.gif.gif
BogoGbook/images/b_top_contact.gif.gif
BogoGbook/images/b_top_helpcenter.gif.gif
BogoGbook/images/b_top_lx.gif.gif
BogoGbook/images/b_top_lx.png.png
BogoGbook/images/back.gif.gif
BogoGbook/images/bg.bmp
BogoGbook/images/bg01.gif.gif
BogoGbook/images/bg_index.gif.gif
BogoGbook/images/bg_left.gif.gif
BogoGbook/images/blogouTown_Title.gif.gif
BogoGbook/images/bottom.gif.gif
BogoGbook/images/cate_fold.gif.gif
BogoGbook/images/csdn_News.gif.gif
BogoGbook/images/del.gif.gif
BogoGbook/images/download-button.gif.gif
BogoGbook/images/edit.gif.gif
BogoGbook/images/head.gif.gif
BogoGbook/images/headbg.gif.gif
BogoGbook/images/logo.gif.gif
BogoGbook/images/logoAdmin.gif.gif
BogoGbook/images/menu_bg.gif.gif
BogoGbook/images/menubg.gif.gif
BogoGbook/images/menudot.gif.gif
BogoGbook/images/menutopline.gif.gif
BogoGbook/images/mid.gif.gif
BogoGbook/images/noopen.gif.gif
BogoGbook/images/open.gif.gif
BogoGbook/images/plugin1.gif.gif
BogoGbook/images/show.gif.gif
BogoGbook/images/signin.gif.gif
BogoGbook/images/tab_03.gif.gif
BogoGbook/images/tab_05.gif.gif
BogoGbook/images/tab_07.gif.gif
BogoGbook/images/tab_12.gif.gif
BogoGbook/images/tab_15.gif.gif
BogoGbook/images/tab_18.gif.gif
BogoGbook/images/tab_19.gif.gif
BogoGbook/images/tab_20.gif.gif
BogoGbook/images/tab_bg.gif.gif
BogoGbook/images/ting.gif.gif
BogoGbook/images/tools2.gif.gif
BogoGbook/images/top.gif.gif
BogoGbook/images/top.png.png
BogoGbook/images/top_bg3.gif.gif
BogoGbook/images/vod_radi_08.gif.gif
BogoGbook/images/vod_radi_09.gif.gif
BogoGbook/images/vod_radi_10.gif.gif
BogoGbook/images/vod_radi_12.gif.gif
BogoGbook/images/vod_radi_17.gif.gif
BogoGbook/images/vod_radi_81.gif.gif
BogoGbook/images/vod_radi_83.gif.gif
BogoGbook/images/welcome_39.gif.gif
BogoGbook/include/banner.asp
BogoGbook/include/copy.js.js
BogoGbook/include/fangsql.asp.vbs
BogoGbook/include/foot.asp.js
BogoGbook/include/getimgcodefrom0-z.asp
BogoGbook/include/md5.asp.vbs
BogoGbook/include/ubb.asp.vbs
BogoGbook/index.asp.html
BogoGbook/新云软件.url.url
BogoGbook/留言簿使用说明.txt