General

  • Target

    c788b91d53df1d0cb63232a10695e181_JaffaCakes118

  • Size

    267KB

  • MD5

    c788b91d53df1d0cb63232a10695e181

  • SHA1

    d15ad28dca268aca166fbe75dd87310900dae02e

  • SHA256

    24167f5f0c9f02ef68f56fe1ad1416569a4e3bd310d4338dcf4dfdd701e7f3e4

  • SHA512

    caf06d2369afd9adc877bf4301c4251b8afc16b7ca2dbe186ab350fdf2b934426d88491ddab355e51489e944b7a8ab8ce32aae92931a1bf60dca7bb9dd77bac5

  • SSDEEP

    6144:zTbjieyFS+6lXOt8qB8NXhE1YdTjOnxRMrjb0GoLIIfjk9So9Wu:zualrq2NIYBOnTwBSxjx+Wu

Score
3/10

Malware Config

Signatures

  • Unsigned PE 6 IoCs

    Checks for missing Authenticode signature.

Files

  • c788b91d53df1d0cb63232a10695e181_JaffaCakes118
    .rar
  • Controls/admin.ascx
  • Controls/admin_add.ascx
  • Controls/cate_add.ascx
  • Controls/cate_list.ascx
  • Controls/cont_add.ascx
  • Controls/cont_list.ascx
  • Controls/guest.ascx
  • Controls/sys.ascx
  • Controls/tag_list.ascx
  • Controls/user.ascx
  • Controls/user_add.ascx
  • PrecompiledApp.config
  • QCMS_NET_V1.0_beta.txt
  • admin/Default.aspx
    .asp
  • admin/XMLFile.xml
  • admin/editor/kindeditor.js
    .js
  • admin/editor/plugins/about.html
    .html .js polyglot
  • admin/editor/plugins/file_manager/file_manager.css
  • admin/editor/plugins/file_manager/file_manager.html
    .html
  • admin/editor/plugins/file_manager/file_manager.js
    .js
  • admin/editor/plugins/file_manager/images/file-16.gif
    .gif
  • admin/editor/plugins/file_manager/images/file-64.gif
    .gif
  • admin/editor/plugins/file_manager/images/folder-16.gif
    .gif
  • admin/editor/plugins/file_manager/images/folder-64.gif
    .gif
  • admin/editor/plugins/file_manager/images/go-up.gif
    .gif
  • admin/editor/plugins/flash.html
    .html .js polyglot
  • admin/editor/plugins/image/image.html
    .html .js polyglot
  • admin/editor/plugins/image/images/align_bottom.gif
    .gif
  • admin/editor/plugins/image/images/align_left.gif
    .gif
  • admin/editor/plugins/image/images/align_middle.gif
    .gif
  • admin/editor/plugins/image/images/align_right.gif
    .gif
  • admin/editor/plugins/image/images/align_top.gif
    .gif
  • admin/editor/plugins/image/images/refresh.gif
    .gif
  • admin/editor/plugins/link/link.html
    .html .js polyglot
  • admin/editor/plugins/media.html
    .html .js polyglot
  • admin/editor/plugins/plainpaste.html
    .html .js polyglot
  • admin/editor/plugins/wordpaste.html
    .html .js polyglot
  • admin/editor/skins/common/blank.gif
    .gif
  • admin/editor/skins/common/editor.css
  • admin/editor/skins/common/flash.gif
    .gif
  • admin/editor/skins/common/loading.gif
    .gif
  • admin/editor/skins/common/media.gif
    .gif
  • admin/editor/skins/common/rm.gif
    .gif
  • admin/editor/skins/oxygen.css
  • admin/editor/skins/oxygen/oxygen.gif
    .gif
  • admin/login.aspx
  • admin/main.aspx
  • admin/menu.aspx
  • admin/right.aspx
  • admin/styles/advanced/images/login.gif
    .gif
  • admin/styles/advanced/style.css
  • admin/新云软件.url
    .url
  • bin/App_Code.compiled
  • bin/App_Code.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/App_Web_gfmbp-an.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/App_Web_nscgbmen.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/App_Web_wcihjfsz.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/ClassLibrary.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/ClassLibrary.pdb
  • bin/Db.dll
    .dll windows:4 windows x86 arch:x86

    dae02f32a21e03ce65412f6e56942daa


  • bin/Db.pdb
  • guest.aspx
  • images/bg_x.gif
    .gif
  • images/login.jpg
    .jpg
  • index.aspx
  • list.aspx
  • login.aspx
  • reg.aspx
  • sql/data
  • templist/default/css.css
  • templist/default/footer.html
  • templist/default/guest.html
    .js
  • templist/default/header.html
    .html .js polyglot
  • templist/default/images/banner.jpg
    .jpg
  • templist/default/images/bg_1.gif
    .gif
  • templist/default/images/bg_x.gif
    .gif
  • templist/default/images/bottMenuBg.jpg
    .jpg
  • templist/default/images/chanpin.gif
    .gif
  • templist/default/images/h4Bg.jpg
    .jpg
  • templist/default/images/headerBg.jpg
    .jpg
  • templist/default/images/login.jpg
    .jpg
  • templist/default/images/logo.jpg
    .jpg
  • templist/default/images/menuBg.jpg
    .jpg
  • templist/default/images/more.gif
    .gif
  • templist/default/images/new_dian.gif
    .gif
  • templist/default/images/notice-newsBg.jpg
    .jpg
  • templist/default/images/notice-newsLi.jpg
    .jpg
  • templist/default/images/rss.jpg
    .jpg
  • templist/default/images/search.png
    .png
  • templist/default/images/tp.jpg
    .jpg
  • templist/default/index.html
  • templist/default/list.html
  • templist/default/other.html
  • templist/default/prolist.html
  • templist/default/view.html
  • upfile/20100211044831chanpin.jpg
    .jpg
  • upfile/20100211044949chanpin2.jpg
    .jpg
  • upfile/20100211045048chanpin3.jpg
    .jpg
  • view.aspx
  • web.config