Overview

overview

3

Static

static

1

sffbforfwow2/Ad.vbs

windows7-x64

1

sffbforfwow2/Ad.vbs

windows10-2004-x64

1

sffbforfwo...a.html

windows7-x64

3

sffbforfwo...a.html

windows10-2004-x64

3

sffbforfwo...ta.vbs

windows7-x64

1

sffbforfwo...ta.vbs

windows10-2004-x64

1

sffbforfwo...fo.asp

windows7-x64

3

sffbforfwo...fo.asp

windows10-2004-x64

3

sffbforfwo...ch.vbs

windows7-x64

1

sffbforfwo...ch.vbs

windows10-2004-x64

1

sffbforfwo...ic.asp

windows7-x64

3

sffbforfwo...ic.asp

windows10-2004-x64

3

sffbforfwow2/CHAR.vbs

windows7-x64

1

sffbforfwow2/CHAR.vbs

windows10-2004-x64

1

sffbforfwo...me.htm

windows7-x64

3

sffbforfwo...me.htm

windows10-2004-x64

3

sffbforfwo...op.htm

windows7-x64

3

sffbforfwo...op.htm

windows10-2004-x64

3

sffbforfwo.../01.js

windows7-x64

3

sffbforfwo.../01.js

windows10-2004-x64

3

sffbforfwo...on.vbs

windows7-x64

1

sffbforfwo...on.vbs

windows10-2004-x64

1

sffbforfwo...ion.js

windows7-x64

3

sffbforfwo...ion.js

windows10-2004-x64

3

sffbforfwo...ain.js

windows7-x64

3

sffbforfwo...ain.js

windows10-2004-x64

3

sffbforfwo...wnC.js

windows7-x64

3

sffbforfwo...wnC.js

windows10-2004-x64

3

sffbforfwo...de.vbs

windows7-x64

1

sffbforfwo...de.vbs

windows10-2004-x64

1

sffbforfwo...ef.vbs

windows7-x64

1

sffbforfwo...ef.vbs

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    6abc4a8db4806f7c73a5d71e4d8215a0_JaffaCakes118

  • Size

    612KB

  • MD5

    6abc4a8db4806f7c73a5d71e4d8215a0

  • SHA1

    89b05bf708c40606c5f720d501563df44001465e

  • SHA256

    3c354194dcbddde3ae63acb711ffe029203235263671823c1ab79194165561d0

  • SHA512

    0ad0903b1d4de6d00fa207131dec0fe5277e0342c861f4e3c391a34699abb4a3f961ccc66743f1253cd409a25d8886b24d51c2cafbb485d60b517c2ef31ea831

  • SSDEEP

    12288:f/rUFmpCLQjAV/mVYNzZTOE8bB9HQ/jRjvrJ3osAdDYXqxM0b:nrUMpCLQjAV/UY7Tx8bzsR3J3oHdDYVm

Score
1/10

Malware Config

Signatures

Files

  • 6abc4a8db4806f7c73a5d71e4d8215a0_JaffaCakes118
    .rar
  • sffbforfwow2/Ad.asp
    .vbs
  • sffbforfwow2/AddJiazuData.asp
    .html
  • sffbforfwow2/AddsifuData.asp
    .vbs
  • sffbforfwow2/Admin_STYLE.CSS
  • sffbforfwow2/Admin_ServerInfo.asp
    .asp .vbs polyglot
  • sffbforfwow2/Admin_add_search.asp
    .vbs
  • sffbforfwow2/Adpic.asp
  • sffbforfwow2/BGBG.gif
    .gif
  • sffbforfwow2/CHAR.INC
    .vbs
  • sffbforfwow2/FooterFrame.htm
    .html
  • sffbforfwow2/FrameTop.htm
    .html
  • sffbforfwow2/Images/22.swf
  • sffbforfwow2/Images/Bank/Bank_1.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_2.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_3.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_4.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_5.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_6.gif
    .gif
  • sffbforfwow2/Images/Bank/Bank_7.gif
    .gif
  • sffbforfwow2/Images/Head.Fix
  • sffbforfwow2/Images/Hr_1.jpg
    .jpg
  • sffbforfwow2/Images/Hr_2.jpg
    .jpg
  • sffbforfwow2/Images/ICON_New.gif
    .gif
  • sffbforfwow2/Images/ICON_Up.gif
    .gif
  • sffbforfwow2/Images/Index_006.gif
    .gif
  • sffbforfwow2/Images/Index_009.gif
    .gif
  • sffbforfwow2/Images/Index_r3_c3.jpg
    .jpg
  • sffbforfwow2/Images/Index_r5_c1.gif
    .gif
  • sffbforfwow2/Images/Index_r5_c1.jpg
    .jpg
  • sffbforfwow2/Images/Index_r6_c1.jpg
    .jpg
  • sffbforfwow2/Images/Index_r6_c2.jpg
    .jpg
  • sffbforfwow2/Images/Index_r6_c9.jpg
    .jpg
  • sffbforfwow2/Images/Index_r7_c9.jpg
    .jpg
  • sffbforfwow2/Images/Index_r8_c1.jpg
    .jpg
  • sffbforfwow2/Images/Index_wmwool.gif
    .gif
  • sffbforfwow2/Images/Menu_Bg.jpg
    .jpg
  • sffbforfwow2/Images/Menu_Sr.jpg
    .jpg
  • sffbforfwow2/Images/New1.gif
    .gif
  • sffbforfwow2/Images/NewPost.gif
    .gif
  • sffbforfwow2/Images/News_Dot.gif
    .gif
  • sffbforfwow2/Images/Subject.gif
    .gif
  • sffbforfwow2/Images/ad1.gif
    .gif
  • sffbforfwow2/Images/ad_cbb.gif
    .gif
  • sffbforfwow2/Images/ad_cmb3.gif
    .gif
  • sffbforfwow2/Images/ad_crb.gif
    .gif
  • sffbforfwow2/Images/ad_icbc.gif
    .gif
  • sffbforfwow2/Images/bank_gsyh.gif
    .gif
  • sffbforfwow2/Images/bank_jtyh.gif
    .gif
  • sffbforfwow2/Images/bank_jxyh.gif
    .gif
  • sffbforfwow2/Images/bank_nyyh.gif
    .gif
  • sffbforfwow2/Images/bank_zgyh.gif
    .gif
  • sffbforfwow2/Images/bc.gif
    .gif
  • sffbforfwow2/Images/bg.gif
    .gif
  • sffbforfwow2/Images/bg.jpg
    .jpg
  • sffbforfwow2/Images/bg1.gif
    .gif
  • sffbforfwow2/Images/daohang.gif
    .gif
  • sffbforfwow2/Images/daohang2bg.gif
    .gif
  • sffbforfwow2/Images/daohangbg.gif
    .gif
  • sffbforfwow2/Images/dw.gif
    .gif
  • sffbforfwow2/Images/ib1.gif
    .gif
  • sffbforfwow2/Images/ib2.gif
    .gif
  • sffbforfwow2/Images/ib3.gif
    .gif
  • sffbforfwow2/Images/ib4.gif
    .gif
  • sffbforfwow2/Images/image002.gif
    .gif
  • sffbforfwow2/Images/important.gif
    .gif
  • sffbforfwow2/Images/lev5.gif
    .gif
  • sffbforfwow2/Images/link.gif
    .gif
  • sffbforfwow2/Images/link1.gif
    .gif
  • sffbforfwow2/Images/love5.gif
    .gif
  • sffbforfwow2/Images/lw.gif
    .gif
  • sffbforfwow2/Images/mail_logo.gif
    .gif
  • sffbforfwow2/Images/new.gif
    .gif
  • sffbforfwow2/Images/qq1.gif
    .gif
  • sffbforfwow2/Images/qq_online.gif
    .gif
  • sffbforfwow2/Images/t001.jpg
    .jpg
  • sffbforfwow2/Images/tbg.gif
    .gif
  • sffbforfwow2/Images/tbg1.gif
    .gif
  • sffbforfwow2/Images/tbg2.gif
    .gif
  • sffbforfwow2/Images/th_bg.gif
    .gif
  • sffbforfwow2/Images/top.swf
  • sffbforfwow2/Images/ts/0.gif
    .gif
  • sffbforfwow2/Images/ts/jing.gif
    .gif
  • sffbforfwow2/Images/ts/zuan.gif
    .gif
  • sffbforfwow2/Images/uw.gif
    .gif
  • sffbforfwow2/Images/wmwool.Com_Images_007.gif
    .gif
  • sffbforfwow2/Images/wmwool.com_foot_bg.gif
    .gif
  • sffbforfwow2/Images/zuan.gif
    .gif
  • sffbforfwow2/Images/zx.gif
    .gif
  • sffbforfwow2/Inc/01.js
    .js
  • sffbforfwow2/Inc/316sfStyle.css
  • sffbforfwow2/Inc/Admin_STYLE.CSS
  • sffbforfwow2/Inc/Function.Asp
    .vbs
  • sffbforfwow2/Inc/Function.js
    .js .vbs
  • sffbforfwow2/Inc/Main.js
    .js
  • sffbforfwow2/Inc/Mt_dropdownC.Js
    .js
  • sffbforfwow2/Inc/VOTE_Style.Css
  • sffbforfwow2/Inc/checkcode.asp
    .vbs
  • sffbforfwow2/Inc/clsThief.asp
    .vbs
  • sffbforfwow2/Inc/css.css
  • sffbforfwow2/Inc/index.css
  • sffbforfwow2/Inc/j_style.css
  • sffbforfwow2/Inc/md5.asp
    .vbs
  • sffbforfwow2/Inc/setInterval.htm
    .html .js polyglot
  • sffbforfwow2/Inc/sethome.gif
    .gif
  • sffbforfwow2/Inc/stat.js
    .js
  • sffbforfwow2/Inc/style.css
  • sffbforfwow2/Inc/ts.js
    .js
  • sffbforfwow2/Inc/ts02.js
    .js
  • sffbforfwow2/Inc/ts03.js
    .js
  • sffbforfwow2/Inc/windows.js
    .js
  • sffbforfwow2/Inject/Inject.Asp
    .vbs
  • sffbforfwow2/IpLock/IpLock.Asp
    .vbs
  • sffbforfwow2/Jz_List.asp
    .vbs
  • sffbforfwow2/Jz_save.asp
    .vbs
  • sffbforfwow2/LeftFrame.asp
    .vbs
  • sffbforfwow2/LinkAD.asp
    .vbs
  • sffbforfwow2/Navigate-01.asp
  • sffbforfwow2/News.asp
    .vbs
  • sffbforfwow2/News_display.asp
    .vbs
  • sffbforfwow2/SqlIn.Asp
    .vbs
  • sffbforfwow2/TopFrame.htm
    .html
  • sffbforfwow2/UbbCode.Asp
    .vbs
  • sffbforfwow2/admin_AddJiazuData.asp
    .vbs
  • sffbforfwow2/admin_AddJiazuData_save.asp
    .vbs
  • sffbforfwow2/admin_AddsifuData.asp
    .vbs
  • sffbforfwow2/admin_AddsifuData_save.asp
    .vbs
  • sffbforfwow2/admin_Admin.asp
    .vbs
  • sffbforfwow2/admin_All_Vote.Asp
    .vbs
  • sffbforfwow2/admin_Config.asp
    .vbs
  • sffbforfwow2/admin_ConfigSave.asp
    .vbs
  • sffbforfwow2/admin_CreateHTML.asp
    .html
  • sffbforfwow2/admin_Db.asp
    .vbs
  • sffbforfwow2/admin_Del_Vote.Asp
    .vbs
  • sffbforfwow2/admin_Error_vote.Asp
    .vbs
  • sffbforfwow2/admin_Jz_Display.asp
    .vbs
  • sffbforfwow2/admin_Jz_del.asp
    .vbs
  • sffbforfwow2/admin_Jz_edit.asp
    .vbs
  • sffbforfwow2/admin_Jz_list.asp
    .vbs
  • sffbforfwow2/admin_Jz_save.asp
    .vbs
  • sffbforfwow2/admin_Jz_top.asp
    .vbs
  • sffbforfwow2/admin_Jz_top_l.asp
    .vbs
  • sffbforfwow2/admin_Jz_top_s.asp
    .vbs
  • sffbforfwow2/admin_Jz_ulock_l.asp
    .vbs
  • sffbforfwow2/admin_Jz_ulock_s.asp
    .vbs
  • sffbforfwow2/admin_News.asp
    .vbs
  • sffbforfwow2/admin_News_add.asp
    .vbs
  • sffbforfwow2/admin_News_edit.asp
    .vbs
  • sffbforfwow2/admin_News_save.asp
    .vbs
  • sffbforfwow2/admin_News_top.asp
    .vbs
  • sffbforfwow2/admin_Promote.asp
    .vbs
  • sffbforfwow2/admin_Promote_l.asp
    .vbs
  • sffbforfwow2/admin_Promote_s.asp
    .vbs
  • sffbforfwow2/admin_Sql.asp
    .vbs
  • sffbforfwow2/admin_Vote.Asp
    .vbs
  • sffbforfwow2/admin_about.asp
    .vbs
  • sffbforfwow2/admin_ad.asp
    .html
  • sffbforfwow2/admin_cjj.asp
    .html
  • sffbforfwow2/admin_del.asp
    .vbs
  • sffbforfwow2/admin_display.asp
    .vbs
  • sffbforfwow2/admin_edit.asp
    .vbs
  • sffbforfwow2/admin_ip_Error.Asp
    .vbs
  • sffbforfwow2/admin_ip_IpLock.Asp
    .vbs
  • sffbforfwow2/admin_link.asp
    .vbs
  • sffbforfwow2/admin_list.asp
    .vbs
  • sffbforfwow2/admin_main.asp
    .vbs
  • sffbforfwow2/admin_save.asp
    .vbs
  • sffbforfwow2/admin_search.asp
    .vbs
  • sffbforfwow2/admin_top.asp
    .vbs
  • sffbforfwow2/admin_top_l.asp
    .vbs
  • sffbforfwow2/admin_top_s.asp
    .vbs
  • sffbforfwow2/admin_type.asp
    .vbs
  • sffbforfwow2/admin_type_edit.asp
    .vbs
  • sffbforfwow2/admin_ulock.asp
    .vbs
  • sffbforfwow2/admin_ulock_s.asp
    .vbs
  • sffbforfwow2/admin_ver.asp
    .vbs
  • sffbforfwow2/admin_ver_edit.asp
    .vbs
  • sffbforfwow2/bgb2.gif
    .gif
  • sffbforfwow2/checklogin.asp
    .vbs
  • sffbforfwow2/clsCache.asp
    .vbs
  • sffbforfwow2/code.asp
    .vbs
  • sffbforfwow2/config.asp
  • sffbforfwow2/conn.asp
    .vbs
  • sffbforfwow2/create_gamelist.asp
    .vbs
  • sffbforfwow2/create_gamelist2.asp
    .vbs
  • sffbforfwow2/create_index.asp
    .vbs
  • sffbforfwow2/create_index2.asp
    .vbs
  • sffbforfwow2/data/SqlIn.mdb
  • sffbforfwow2/data/xxxxxx.asa
  • sffbforfwow2/data/复件 zesf168.asa
  • sffbforfwow2/del_HTML.asp
    .asp
  • sffbforfwow2/edittemple.asp
    .vbs
  • sffbforfwow2/fh.asp
    .js
  • sffbforfwow2/go.htm
    .html .js polyglot
  • sffbforfwow2/image/hot.gif
    .gif
  • sffbforfwow2/image/index_46.jpg
    .jpg
  • sffbforfwow2/image/jing1.gif
    .gif
  • sffbforfwow2/image/lev4.gif
    .gif
  • sffbforfwow2/image/look.gif
    .gif
  • sffbforfwow2/image/nav_weizhi_bg.gif
    .gif
  • sffbforfwow2/image/shan.gif
    .gif
  • sffbforfwow2/image/top1.gif
    .gif
  • sffbforfwow2/index.asp
    .vbs
  • sffbforfwow2/index.html
    .js
  • sffbforfwow2/install.asp
    .vbs
  • sffbforfwow2/link.asp
    .html
  • sffbforfwow2/login/css.css
  • sffbforfwow2/login/images/login_1.gif
    .gif
  • sffbforfwow2/login/images/login_10.gif
    .gif
  • sffbforfwow2/login/images/login_11.gif
    .gif
  • sffbforfwow2/login/images/login_12.gif
    .gif
  • sffbforfwow2/login/images/login_13.gif
    .gif
  • sffbforfwow2/login/images/login_14.gif
    .gif
  • sffbforfwow2/login/images/login_15.gif
    .gif
  • sffbforfwow2/login/images/login_16.gif
    .gif
  • sffbforfwow2/login/images/login_17.gif
    .gif
  • sffbforfwow2/login/images/login_18.gif
    .gif
  • sffbforfwow2/login/images/login_2.gif
    .gif
  • sffbforfwow2/login/images/login_3.gif
    .gif
  • sffbforfwow2/login/images/login_4.gif
    .gif
  • sffbforfwow2/login/images/login_5.gif
    .gif
  • sffbforfwow2/login/images/login_6.gif
    .gif
  • sffbforfwow2/login/images/login_7.gif
    .gif
  • sffbforfwow2/login/images/login_8.gif
    .gif
  • sffbforfwow2/login/images/login_9.gif
    .gif
  • sffbforfwow2/login/images/spacer.gif
    .gif
  • sffbforfwow2/login/login.asp
    .asp .js polyglot
  • sffbforfwow2/mycodes.net说明.txt
  • sffbforfwow2/save.asp
    .vbs
  • sffbforfwow2/search.asp
    .vbs
  • sffbforfwow2/style.css
  • sffbforfwow2/webfoot.asp
    .js
  • sffbforfwow2/webtop.asp
  • sffbforfwow2/xwz_Login.asp
    .asp .vbs polyglot
  • sffbforfwow2/源码之家.url
    .url
  • sffbforfwow2/说明.txt