General
-
Target
b334e6fadd82ba15e4a67be151688fae_JaffaCakes118
-
Size
1.0MB
-
MD5
b334e6fadd82ba15e4a67be151688fae
-
SHA1
e01133c4f63db4047569a10955ca5a013087e743
-
SHA256
631c802b8a510b9887fb05cb806c27c1d6c7573a16bbc83e9893a60d6a3442c6
-
SHA512
a9a1d1605b328dd2f88dc8663bfd303d787752004c7d964c6792bd6bdb7dbbb430eba0bec702048916545df11e9d14a87fa9d0362465146f62acdc6c92a660d4
-
SSDEEP
24576:9jdk+q2zOZQavuLwuLZA6NRQSb+XrZTmB7:Q+PzOZfvuLwuLZhNRN+XrgB7
Score
10/10
Malware Config
Signatures
-
Detect Neshta payload 1 IoCs
-
Neshta family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
b334e6fadd82ba15e4a67be151688fae_JaffaCakes118
-
forumza.ru/forumza.ru.exe
22bfec67c853694b6c3fc2fe6fad12cd
Headers
Imports
Sections
-
forumza.ru/Адаптация шаблона ZT Apogo под ucoz/Адаптация шаблона ZT Apogo под ucoz/JV Headline module.zip
-
assets/css/horizotal.css
-
assets/css/index.html
-
assets/css/jv_boro.css
-
assets/css/jv_eoty.css
-
assets/css/jvheadline.css
-
assets/css/jvheadline_css.php
-
assets/css/jvslidecontent.css
-
assets/css/proshow.css
-
assets/css/slideshow6.css
-
assets/css/slideshow7.css
-
assets/css/slideshow8.css
-
assets/css/vertical.css
-
assets/images/DetailR.jpg
-
assets/images/Thumbs.db
-
assets/images/arrow-l.png
-
assets/images/arrow-r.png
-
assets/images/arrow_slide.gif
-
assets/images/arrow_slide_acitve.gif
-
assets/images/bg_news_bl.gif
-
assets/images/bg_news_br.gif
-
assets/images/bg_slide_news.jpg
-
assets/images/bg_slide_news2.jpg
-
assets/images/bg_slide_news_c.gif
-
assets/images/bg_slide_news_l.gif
-
assets/images/box-b.png
-
assets/images/box-t.png
-
assets/images/fleche1.png
-
assets/images/fleche2.png
-
assets/images/img-bg.png
-
assets/images/index.html
-
assets/images/jv_boro/Thumbs.db
-
assets/images/jv_boro/bg-desc.png
-
assets/images/jv_boro/overlay.png
-
assets/images/jv_boro/preload.gif
-
assets/images/jv_boro/shadow-left.png
-
assets/images/jv_eoty/Thumbs.db
-
assets/images/jv_eoty/arrows.png
-
assets/images/lago-arrow-bg.png
-
assets/images/lago-grad-bg.gif
-
assets/images/lago_top_border.png
-
assets/images/lago_transparent_bg.png
-
assets/images/loading.gif
-
assets/images/next.jpg
-
assets/images/nophoto.png
-
assets/images/pre.jpg
-
assets/images/proshow-bg.png
-
assets/images/rokstories-arrows.png
-
assets/images/slide6/Thumbs.db
-
assets/images/slide6/fleche1.png
-
assets/images/slide6/fleche2.png
-
assets/images/slide7/Thumbs.db
-
assets/images/slide7/arrow-l.gif
-
assets/images/slide7/arrow-r.gif
-
assets/images/slide7/arrow-ri-hover.gif
-
assets/images/slide7/arrow-ri.gif
-
assets/images/smooth/Thumbs.db
-
assets/images/smooth/arrowdown.png
-
assets/images/smooth/arrows.png
-
assets/images/smooth/carrow1.gif
-
assets/images/smooth/carrow2.gif
-
assets/images/smooth/fleche1.gif
-
assets/images/smooth/fleche1.png
-
assets/images/smooth/fleche2.gif
-
assets/images/smooth/fleche2.png
-
assets/images/smooth/index.html
-
assets/images/smooth/loading-bar-black.gif
-
assets/images/smooth/loading.gif
-
assets/images/smooth/open.gif
-
assets/images/smooth/open.png
-
assets/images/title-arrow.png
-
assets/images/transparent_bg.png
-
assets/index.html
-
assets/js/horizotal.js
-
assets/js/index.html
-
assets/js/jd.gallery_lago.js
-
assets/js/jv_boro.js
-
assets/js/jv_eoty.js
-
assets/js/jvheadline.js
-
assets/js/slideshow5.js
-
assets/js/slideshow6.js
-
assets/js/slideshow7.js
-
assets/js/slideshow8.js
-
assets/js/vertical.js
-
assets/style.css
-
changelog.txt
-
elements/categories.php
-
elements/contenttype.php
-
elements/index.html
-
elements/k2category.php
-
elements/stylies.php
-
en-GB.mod_jv_headline.ini
-
helper.php
-
index.html
-
mod_jv_headline.php
-
mod_jv_headline.xml
-
thumbnail.inc.php
-
tmpl/default.php
-
tmpl/index.html
-
tmpl/jv_boro.php
-
tmpl/jv_eoty.php
-
tmpl/jv_lago.php
-
tmpl/jv_maju.php
-
tmpl/jv_pedon.php
-
tmpl/jv_sello1.php
-
tmpl/jv_sello2.php
-
tmpl/slideshow7.php
-
forumza.ru/Адаптация шаблона ZT Apogo под ucoz/Адаптация шаблона ZT Apogo под ucoz/Plugin System ZT Tools.zip
-
en-GB.plg_system_plg_ztools.ini
-
plg_ztools.php
-
plg_ztools.xml
-
plg_ztools/asset/html_parser.php
-
plg_ztools/asset/index.html
-
plg_ztools/assets/html_parser.php
-
plg_ztools/assets/images/index.html
-
plg_ztools/assets/images/zt.png
-
plg_ztools/assets/index.html
-
plg_ztools/assets/js/bt_clear_cache.js
-
plg_ztools/assets/js/index.html
-
plg_ztools/common.php
-
plg_ztools/define.php
-
plg_ztools/element/exlfiles.php
-
plg_ztools/element/getdata.php
-
plg_ztools/element/grad.png
-
plg_ztools/element/index.html
-
plg_ztools/element/loading.gif
-
plg_ztools/element/modules.php
-
plg_ztools/element/positions.php
-
plg_ztools/element/ztparamhelper.css
-
plg_ztools/element/ztparamhelper.js
-
plg_ztools/element/ztparamhelper.php
-
plg_ztools/index.html
-
plg_ztools/libs/index.html
-
plg_ztools/libs/jsmin.php
-
plg_ztools/libs/ztgzip.php
-
plg_ztools/params/index.html
-
plg_ztools/params/zttoolbar.xml
-
forumza.ru/Адаптация шаблона ZT Apogo под ucoz/Адаптация шаблона ZT Apogo под ucoz/ZT Apogo templates.zip
-
admin/en-GB.tpl_zt_apogo.ini
-
component.php
-
css/css3.htc
-
css/css3.php
-
css/default.css
-
css/googlefonts.css
-
css/ie7.css
-
css/index.html
-
css/modules.css
-
css/template.css
-
css/template_rtl.css
-
css/typo.css
-
css/typo_rtl.css
-
en-GB.tpl_zt_apogo.ini
-
favicon.ico
-
html/com_content/article/default.php
-
html/com_content/article/form.php
-
html/com_content/article/index.html
-
html/com_content/category/blog.php
-
html/com_content/category/blog_item.php
-
html/com_content/category/blog_links.php
-
html/com_content/category/default.php
-
html/com_content/category/default_items.php
-
html/com_content/category/index.html
-
html/com_content/frontpage/default.php
-
html/com_content/frontpage/default_item.php
-
html/com_content/frontpage/default_links.php
-
html/com_content/frontpage/index.html
-
html/com_content/index.html
-
html/com_content/section/blog.php
-
html/com_content/section/blog_item.php
-
html/com_content/section/blog_links.php
-
html/com_content/section/default.php
-
html/com_content/section/index.html
-
html/com_k2/templates/jv-k2-bara/category.php
-
html/com_k2/templates/jv-k2-bara/category_item.php
-
html/com_k2/templates/jv-k2-bara/category_item_links.php
-
html/com_k2/templates/jv-k2-bara/item.php
-
html/com_k2/templates/jv-k2-bara/item_comments_form.php
-
html/com_k2/templates/jv-k2-bara/latest.php
-
html/com_k2/templates/jv-k2-bara/latest_item.php
-
html/com_newsfeeds/categories/default.php
-
html/com_newsfeeds/categories/index.html
-
html/com_newsfeeds/category/default.php
-
html/com_newsfeeds/category/default_items.php
-
html/com_newsfeeds/category/index.html
-
html/com_newsfeeds/index.html
-
html/com_newsfeeds/newsfeed/default.php
-
html/com_newsfeeds/newsfeed/index.html
-
html/com_poll/index.html
-
html/com_poll/poll/default.php
-
html/com_poll/poll/default_graph.php
-
html/com_poll/poll/index.html
-
html/com_search/index.html
-
html/com_search/search/default.php
-
html/com_search/search/default_error.php
-
html/com_search/search/default_form.php
-
html/com_search/search/default_results.php
-
html/com_search/search/index.html
-
html/com_user/index.html
-
html/com_user/login/default.php
-
html/com_user/login/default_login.php
-
html/com_user/login/default_logout.php
-
html/com_user/login/index.html
-
html/com_user/register/default.php
-
html/com_user/register/default_message.php
-
html/com_user/register/index.html
-
html/com_user/remind/default.php
-
html/com_user/remind/default_message.php
-
html/com_user/remind/index.html
-
html/com_user/reset/complete.php
-
html/com_user/reset/confirm.php
-
html/com_user/reset/default.php
-
html/com_user/reset/index.html
-
html/com_user/user/default.php
-
html/com_user/user/form.php
-
html/com_user/user/index.html
-
html/com_weblinks/categories/default.php
-
html/com_weblinks/categories/index.html
-
html/com_weblinks/category/default.php
-
html/com_weblinks/category/default_items.php
-
html/com_weblinks/category/index.html
-
html/com_weblinks/index.html
-
html/com_weblinks/weblink/form.php
-
html/com_weblinks/weblink/index.html
-
html/index.html
-
html/mod_breadcrumbs/default.php
-
html/mod_breadcrumbs/helper.php
-
html/mod_breadcrumbs/index.html
-
html/mod_jv_headline/index.html
-
html/mod_jv_headline/jv_maju.php
-
html/mod_jvlatestnews/default.php
-
html/mod_jvlatestnews/index.html
-
html/mod_login/default.php
-
html/mod_login/index.html
-
html/mod_mainmenu/default.php
-
html/mod_mainmenu/index.html
-
html/mod_newsflash/_item.php
-
html/mod_newsflash/default.php
-
html/mod_newsflash/horiz.php
-
html/mod_newsflash/index.html
-
html/mod_newsflash/vert.php
-
html/mod_poll/default.php
-
html/mod_poll/index.html
-
html/mod_search/default.php
-
html/mod_stats/default.php
-
html/mod_stats/tmpl/default.php
-
html/mod_stats/tmpl/index.html
-
html/modules.php
-
html/pagination.php
-
images/arrow.png
-
images/arrow_rtl.png
-
images/bg-artitle.png
-
images/bg-box.jpg
-
images/bg-bullet-checklist.png
-
images/bg-button-search.png
-
images/bg-fancy-c.png
-
images/bg-fancy-lr.png
-
images/bg-frame.png
-
images/bg-input-button-grey.png
-
images/bg-input-button.png
-
images/bg-inputbox.jpg
-
images/bg-mainmenu-active.png
-
images/bg-mainmenu-submenu.png
-
images/bg-megamenu-arrowsub.png
-
images/bg-megamenu-arrowsub_rtl.png
-
images/bg-menuactive.png
-
images/bg-moduletitle-pink.png
-
images/bg-moduletitle-style1.jpg
-
images/bg-search.png
-
images/bg-submenu-arrow.png
-
images/bg-submenu.png
-
images/bg-ul-menu.jpg
-
images/bg-userwrap2.jpg
-
images/bg-userwrap4-bullet.png
-
images/bg-userwrap4-line.png
-
images/bg.jpg
-
images/bullet.png
-
images/icon/calendar.png
-
images/icon/card.png
-
images/icon/email.png
-
images/icon/logo.png
-
images/icon/pepole.png
-
images/img-bg.png
-
images/loading.gif
-
images/logo-footer.png
-
images/logo.png
-
images/twitter.png
-
images/typo/arrow-rtl.png
-
images/typo/arrow.png
-
images/typo/bignumber.png
-
images/typo/bq-c.gif
-
images/typo/bq-c.png
-
images/typo/bq-o.gif
-
images/typo/bq-o.png
-
images/typo/bub1-bl-rtl.png
-
images/typo/bub1-bl.png
-
images/typo/bub1-br-rtl.png
-
images/typo/bub1-br.png
-
images/typo/bub1-tl.png
-
images/typo/bub1-tr.png
-
images/typo/bub2-bl-rtl.png
-
images/typo/bub2-bl.png
-
images/typo/bub2-br-rtl.png
-
images/typo/bub2-br.png
-
images/typo/bub2-tl.png
-
images/typo/bub2-tr.png
-
images/typo/bub3-bl-rtl.png
-
images/typo/bub3-bl.png
-
images/typo/bub3-br-rtl.png
-
images/typo/bub3-br.png
-
images/typo/bub3-tl.png
-
images/typo/bub3-tr.png
-
images/typo/bub4-bl-rtl.png
-
images/typo/bub4-bl.png
-
images/typo/bub4-br-rtl.png
-
images/typo/bub4-br.png
-
images/typo/bub4-tl.png
-
images/typo/bub4-tr.png
-
images/typo/cart.png
-
images/typo/checklist.png
-
images/typo/closebox.png
-
images/typo/download.gif
-
images/typo/download.png
-
images/typo/error.gif
-
images/typo/feed.gif
-
images/typo/star.png
-
images/typo/stickynote.gif
-
images/typo/stickynote.png
-
images/typo/tips.gif
-
index.html
-
index.php
-
js/ie_png.js
-
js/index.html
-
libs/index.html
-
libs/zt_tools.php
-
libs/zt_vars.php
-
params.ini
-
templateDetails.xml
-
template_thumbnail.png
-
zt_menus/index.html
-
zt_menus/zt.common.php
-
zt_menus/zt_fancymenu/zt_fancymenu.css
-
zt_menus/zt_fancymenu/zt_fancymenu.js
-
zt_menus/zt_megamenu/index.html
-
zt_menus/zt_megamenu/zt.megamenu.css
-
zt_menus/zt_megamenu/zt.megamenu.js
-
zt_menus/zt_megamenu/zt.megamenu.rtl.js
-
zt_menus/zt_moomenu/index.html
-
zt_menus/zt_moomenu/zt.moomenu.css
-
zt_menus/zt_moomenu/zt.moomenu.js
-
zt_menus/zt_moomenu/zt.moomenu.rtl.js
-
forumza.ru/Адаптация шаблона ZT Apogo под ucoz/Адаптация шаблона ZT Apogo под ucoz/ОБЯЗАТЕЛЬНО ЧИТАТЬ!!!!!!!.txt