c7f4810d72caff47511d3f9ed495e4fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7f4810d72caff47511d3f9ed495e4fa_JaffaCakes118
Size

547KB
MD5

c7f4810d72caff47511d3f9ed495e4fa
SHA1

34ff9024b265193c053a3d1eac40d49d87855dbd
SHA256

d7f2d0e9f4be134b203150fc9ed783b945c5e6fd366ddf19bd6605891c3211f0
SHA512

8181cfa497a967313e9314dbb892c2d65d8a4adef33d54e9cc22e6194daa7696554f921b4978d806624ba58488c8a89c4c16aca3f4baa77fa7a4ec111264ce23
SSDEEP

12288:KDv+7HQZ5m0np4nP005oZ1KkBkOStZBt8383JLDXRprOp06:zjW5mC05ovBk9tGs5/X7K

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack002/neubot-0.3.3/win32/neubot-headless.exe
unpack002/neubot-0.3.3/win32/neubot-start.exe
unpack002/neubot-0.3.3/win32/neubot-stop.exe

Files

c7f4810d72caff47511d3f9ed495e4fa_JaffaCakes118
.gz
neubot-0.3.3.tar
.tar
neubot-0.3.3/AUTHORS
neubot-0.3.3/BUGS
neubot-0.3.3/COPYING
neubot-0.3.3/ChangeLog
neubot-0.3.3/INSTALL
neubot-0.3.3/MacOS/neubot.app/Contents/Info.plist
.xml
neubot-0.3.3/MacOS/neubot.app/Contents/MacOS/neubot
.sh linux
neubot-0.3.3/MacOS/neubot.app/Contents/Resources/neubot.icns
neubot-0.3.3/Make-clean.bat
neubot-0.3.3/Make-dist.bat
neubot-0.3.3/Make-installer.bat
neubot-0.3.3/Makefile
neubot-0.3.3/README
neubot-0.3.3/applications/neubot-status-icon.desktop
neubot-0.3.3/applications/neubot-web-ui.desktop
neubot-0.3.3/bin/neubot
.sh linux
neubot-0.3.3/bin/start-neubot-daemon
.sh linux
neubot-0.3.3/debian/Release
neubot-0.3.3/debian/control/control
neubot-0.3.3/debian/control/postinst
.sh linux
neubot-0.3.3/debian/control/prerm
.sh .vbs linux polyglot
neubot-0.3.3/debian/etc/apt/sources.list.d/neubot.list
neubot-0.3.3/debian/etc/init.d/neubot
.sh linux
neubot-0.3.3/doc/MacOS.txt
neubot-0.3.3/doc/neubot.1.txt
neubot-0.3.3/doc/speedtest-server.png
.png
neubot-0.3.3/etc/neubot/config
neubot-0.3.3/fake-db.py
.py .sh linux
neubot-0.3.3/icons/neubot-128x128.png
.png
neubot-0.3.3/icons/neubot-16x16.png
.png
neubot-0.3.3/icons/neubot-256x256.png
.png
neubot-0.3.3/icons/neubot-32x32.png
.png
neubot-0.3.3/icons/neubot-48x48.png
.png
neubot-0.3.3/icons/neubot-64x64.png
.png
neubot-0.3.3/icons/neubot.dia
.xml
neubot-0.3.3/icons/neubot.svg
.xml
neubot-0.3.3/man/man1/neubot.1
neubot-0.3.3/neubot.nsi
neubot-0.3.3/neubot/__init__.py
neubot-0.3.3/neubot/bittorrent/__init__.py
neubot-0.3.3/neubot/bittorrent/bitfield.py
neubot-0.3.3/neubot/bittorrent/connector.py
.py .vbs
neubot-0.3.3/neubot/bittorrent/handler.py
neubot-0.3.3/neubot/bittorrent/wrapper.py
neubot-0.3.3/neubot/compat.py
neubot-0.3.3/neubot/config.py
neubot-0.3.3/neubot/database.py
neubot-0.3.3/neubot/debug.py
neubot-0.3.3/neubot/http/__init__.py
neubot-0.3.3/neubot/http/clients.py
neubot-0.3.3/neubot/http/handlers.py
neubot-0.3.3/neubot/http/messages.py
neubot-0.3.3/neubot/http/servers.py
neubot-0.3.3/neubot/http/utils.py
neubot-0.3.3/neubot/log.py
neubot-0.3.3/neubot/main.py
neubot-0.3.3/neubot/net/CA.py
neubot-0.3.3/neubot/net/__init__.py
neubot-0.3.3/neubot/net/connectors.py
neubot-0.3.3/neubot/net/listeners.py
neubot-0.3.3/neubot/net/pollers.py
neubot-0.3.3/neubot/net/streams.py
neubot-0.3.3/neubot/notify.py
neubot-0.3.3/neubot/objgraph.py
neubot-0.3.3/neubot/options.py
neubot-0.3.3/neubot/pathnames.py
neubot-0.3.3/neubot/rendezvous.py
neubot-0.3.3/neubot/speedtest.py
neubot-0.3.3/neubot/state.py
neubot-0.3.3/neubot/statusicon.py
neubot-0.3.3/neubot/ui.py
neubot-0.3.3/neubot/unix.py
neubot-0.3.3/neubot/utils.py
neubot-0.3.3/neubot/win32.py
neubot-0.3.3/neubot/www/css/jquery.jqplot.css
neubot-0.3.3/neubot/www/css/style.css
neubot-0.3.3/neubot/www/favicon.ico
neubot-0.3.3/neubot/www/img/header-web.png
.png
neubot-0.3.3/neubot/www/index.html
neubot-0.3.3/neubot/www/js/excanvas.js
.js
neubot-0.3.3/neubot/www/js/jqplot.canvasAxisTickRenderer.min.js
.js
neubot-0.3.3/neubot/www/js/jqplot.canvasTextRenderer.min.js
.js
neubot-0.3.3/neubot/www/js/jqplot.categoryAxisRenderer.min.js
.js
neubot-0.3.3/neubot/www/js/jqplot.cursor.min.js
.js
neubot-0.3.3/neubot/www/js/jqplot.highlighter.min.js
.js
neubot-0.3.3/neubot/www/js/jquery-ui.js
.js
neubot-0.3.3/neubot/www/js/jquery.jqplot.js
.js
neubot-0.3.3/neubot/www/js/jquery.js
.js
neubot-0.3.3/neubot/www/js/jquery.qtip.js
.js
neubot-0.3.3/neubot/www/js/libneubot.js
.js
neubot-0.3.3/neubot/www/js/neubot.js
.js
neubot-0.3.3/neubot/www/js/results.js
.js
neubot-0.3.3/neubot/www/results.html
neubot-0.3.3/release.sh
.sh linux
neubot-0.3.3/setup.py
neubot-0.3.3/win32/Make-clean.bat
neubot-0.3.3/win32/Make-exe.bat
neubot-0.3.3/win32/neubot-exec.h
neubot-0.3.3/win32/neubot-headless.c
neubot-0.3.3/win32/neubot-headless.exe
.exe windows:4 windows x86 arch:x86

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
free
fwrite
memcpy
memset
signal
strrchr
vfprintf

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 244B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
neubot-0.3.3/win32/neubot-icon.rc
neubot-0.3.3/win32/neubot-start.c
neubot-0.3.3/win32/neubot-start.exe
.exe windows:4 windows x86 arch:x86

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
free
fwrite
memcpy
memset
signal
strrchr
vfprintf

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 244B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
neubot-0.3.3/win32/neubot-stop.c
neubot-0.3.3/win32/neubot-stop.exe
.exe windows:4 windows x86 arch:x86

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCommandLineA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetCurrentDirectoryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
free
fwrite
memcpy
memset
signal
strrchr
vfprintf

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 244B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
neubot-0.3.3/win32/neubot.ico

Sharing

General

Malware Config

Signatures

Files

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 512B - Virtual size: 348B

.eh_fram Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 244B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 15KB - Virtual size: 14KB

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 512B - Virtual size: 356B

.eh_fram Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 244B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 15KB - Virtual size: 14KB

c74e9b8fc4d175936bab4f8340fa3582

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 512B - Virtual size: 352B

.eh_fram Size: 512B - Virtual size: 4B

.bss Size: - Virtual size: 244B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 348B

.eh_fram
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 244B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 15KB - Virtual size: 14KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 356B

.eh_fram
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 244B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 15KB - Virtual size: 14KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 352B

.eh_fram
Size: 512B - Virtual size: 4B

.bss
Size: - Virtual size: 244B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 15KB - Virtual size: 14KB