Overview

overview

7

Static

static

7

Rewrite/IS...te.dll

windows7-x64

6

Rewrite/IS...te.dll

windows10-2004-x64

3

Rewrite/IS...ig.exe

windows7-x64

6

Rewrite/IS...ig.exe

windows10-2004-x64

3

Rewrite/RXTest.exe

windows7-x64

3

Rewrite/RXTest.exe

windows10-2004-x64

3

Rewrite/Re...SG.dll

windows7-x64

1

Rewrite/Re...SG.dll

windows10-2004-x64

1

Rewrite/mtbnotif.dll

windows7-x64

3

Rewrite/mtbnotif.dll

windows10-2004-x64

3

Rewrite/proxycfg.vbs

windows7-x64

1

Rewrite/proxycfg.vbs

windows10-2004-x64

1

Rewrite/rwhelper.dll

windows7-x64

6

Rewrite/rwhelper.dll

windows10-2004-x64

3

php极速�...ss.ps1

windows7-x64

3

php极速�...ss.ps1

windows10-2004-x64

3

php极速�...nc.ps1

windows7-x64

3

php极速�...nc.ps1

windows10-2004-x64

3

php极速�...de.ps1

windows7-x64

3

php极速�...de.ps1

windows10-2004-x64

3

php极速�...ass.js

windows7-x64

3

php极速�...ass.js

windows10-2004-x64

3

php极速�...ass.js

windows7-x64

3

php极速�...ass.js

windows10-2004-x64

3

php极速�...ass.js

windows7-x64

3

php极速�...ass.js

windows10-2004-x64

3

php极速�...unc.js

windows7-x64

3

php极速�...unc.js

windows10-2004-x64

3

php极速�...out.js

windows7-x64

3

php极速�...out.js

windows10-2004-x64

3

php极速�.../js.js

windows7-x64

3

php极速�.../js.js

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    bf8ccb0fca96644d583eb073e4c7a3fe_JaffaCakes118

  • Size

    1.0MB

  • MD5

    bf8ccb0fca96644d583eb073e4c7a3fe

  • SHA1

    fb1bef16c0ac9018038605644ee9366a0a036967

  • SHA256

    403c004a78b67c999981a57329df9fec1c8fb2c3ce36ea3660386b22d624941c

  • SHA512

    a6c4cdb221e60e43f36e2d577d66f564c0de364141191d1b4dcaa588df4988a2631c7be054e9ce24c766ed8745e5bbb9147c00f5067b64be1fd442d01a76a5c3

  • SSDEEP

    24576:X7q+YVIaklsz3lTryeZGumURAQD3Acmv9UzbnJNojMRVkF:KKaklI1GLuzA5uvnYFF

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • bf8ccb0fca96644d583eb073e4c7a3fe_JaffaCakes118
    .rar
  • php极速链程序开源版v2.20110303/.htaccess
  • php极速链程序开源版v2.20110303/Rewrite.rar
    .rar
  • Rewrite/ISAPI_Rewrite.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Rewrite/ISAPI_Rewrite.lic
  • Rewrite/ISRWConfig.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • Rewrite/RXTest.exe
    .exe windows:4 windows x86 arch:x86

    4d776397629b75a4e57c5e1988cb4423


    Headers

    Imports

    Sections

  • Rewrite/RewriteMSG.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Sections

  • Rewrite/httpd.ini
  • Rewrite/mtbnotif.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    51e2eea593f29536d344ac6544f56c04


    Headers

    Imports

    Exports

    Sections

  • Rewrite/proxycfg.vbs
    .vbs
  • Rewrite/rwhelper.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • Rewrite/rwhelper.dll.manifest
    .xml
  • Rewrite/使用说明.txt
  • php极速链程序开源版v2.20110303/admin.php
  • php极速链程序开源版v2.20110303/cc.php
  • php极速链程序开源版v2.20110303/config.inc.php
  • php极速链程序开源版v2.20110303/httpd.ini
  • php极速链程序开源版v2.20110303/img/logo.gif
    .gif
  • php极速链程序开源版v2.20110303/inc/Template.inc.php
  • php极速链程序开源版v2.20110303/inc/Template_class.php
    .ps1
  • php极速链程序开源版v2.20110303/inc/Template_debug.php
  • php极速链程序开源版v2.20110303/inc/common.inc.php
    .ps1
  • php极速链程序开源版v2.20110303/inc/common.inc_de.php
    .ps1
  • php极速链程序开源版v2.20110303/inc/db_mysql.class.php
    .js
  • php极速链程序开源版v2.20110303/inc/httpget.class.php
    .js
  • php极速链程序开源版v2.20110303/inc/links.class.php
    .js
  • php极速链程序开源版v2.20110303/inc/links.inc.php
  • php极速链程序开源版v2.20110303/inc/splitword.func.php
    .js
  • php极速链程序开源版v2.20110303/inc/uri.inc.php
  • php极速链程序开源版v2.20110303/inc/uri.inc_de.php
  • php极速链程序开源版v2.20110303/inc/wwwdic.csv
  • php极速链程序开源版v2.20110303/index.php
  • php极速链程序开源版v2.20110303/index_de.php
  • php极速链程序开源版v2.20110303/install.php
  • php极速链程序开源版v2.20110303/js/clickout.js
    .js
  • php极速链程序开源版v2.20110303/js/js.js
    .js
  • php极速链程序开源版v2.20110303/js/tj.js
    .js
  • php极速链程序开源版v2.20110303/keys.txt
  • php极速链程序开源版v2.20110303/template/end.html
  • php极速链程序开源版v2.20110303/template/end2.html
  • php极速链程序开源版v2.20110303/template/index.html
  • php极速链程序开源版v2.20110303/template/list.html
  • php极速链程序开源版v2.20110303/template/site.html
  • php极速链程序开源版v2.20110303/template/top.html
    .html
  • php极速链程序开源版v2.20110303/up.php
  • php极速链程序开源版v2.20110303/www/1.txt
  • php极速链程序开源版v2.20110303/www/2.txt
  • php极速链程序开源版v2.20110303/www/3.txt
  • php极速链程序开源版v2.20110303/www/w.php
  • php极速链程序开源版v2.20110303/新云软件.url
    .url
  • php极速链程序开源版v2.20110303/系统使用说明.txt