General

  • Target

    d43f3268dacfa4f127c626f3da8de6ef_JaffaCakes118

  • Size

    1.2MB

  • MD5

    d43f3268dacfa4f127c626f3da8de6ef

  • SHA1

    ee88843bd022c93d8cef3c5ad02ff8855cad1b55

  • SHA256

    22ca321cf1ce863aba18c7f2bd0b0575fbc806a7b9ee31b4f019fffd42ded21d

  • SHA512

    e3960aa121c4bb178a9702d24a1c289d771d00ce0e58bed705f4a2ecf1261d6d38b76963cd26da104b216aa6918b9717cd9e8b08dbf6c561dd2209fd5b98c74a

  • SSDEEP

    24576:Lq8sEbSGwESKaVM6pk5sNwbGWUnCK+PG3F2GjEX+CmOuy:u8ssYMI85KTnC/EF2i1CmY

Score
3/10

Malware Config

Signatures

  • Unsigned PE 19 IoCs

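    Checks for missing Authenticode signature. Without a signature, the publisher and integrity of these PE files cannot be verified from the files themselves. This is a weak indicator on its own, since unsigned binaries are also common in legitimate software.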

Files

  • d43f3268dacfa4f127c626f3da8de6ef_JaffaCakes118
    .rar
  • 343623356/FilterTdiDriver/MAKEFILE
  • 343623356/FilterTdiDriver/PACKET.H
  • 343623356/FilterTdiDriver/Packet.c
  • 343623356/FilterTdiDriver/Setup/FilterTdiDriver.reg
  • 343623356/FilterTdiDriver/Setup/FilterTdiDriver.sys
    .sys windows:5 windows x86 arch:x86

    57b8acde880a5132f8d95d229ccaccf9



  • 343623356/FilterTdiDriver/Setup/SAMPLE.TXT
  • 343623356/FilterTdiDriver/Sources
  • 343623356/GuiDesign/MSSCCPRJ.SCC
  • 343623356/GuiDesign/XFILTER.EXE
    .exe windows:4 windows x86 arch:x86

    225eb5c9b8196fe1208b7f998c2b716d



  • 343623356/GuiDesign/XFILTER.VBP
  • 343623356/GuiDesign/XFILTER.VBW
  • 343623356/GuiDesign/frmAcl.frm
  • 343623356/GuiDesign/frmAcl.frx
  • 343623356/GuiDesign/frmInfo.frm
  • 343623356/GuiDesign/frmInfo.frx
  • 343623356/GuiDesign/frmMain.frm
  • 343623356/GuiDesign/frmMain.frx
  • 343623356/MinDriver/MAKEFILE
  • 343623356/MinDriver/MinDriver.c
  • 343623356/MinDriver/MinDriver.h
  • 343623356/MinDriver/MinDriver.reg
  • 343623356/MinDriver/MinDriver.sys
    .sys windows:5 windows x86 arch:x86

    b31d13b9f5ba686accb2a4fe9d3bc565



  • 343623356/MinDriver/Sources
  • 343623356/MinDriverInVc/Build.bat
  • 343623356/MinDriverInVc/MinDriver/MAKEFILE
  • 343623356/MinDriverInVc/MinDriver/MinDriver.c
  • 343623356/MinDriverInVc/MinDriver/MinDriver.h
  • 343623356/MinDriverInVc/MinDriver/MinDriver.reg
  • 343623356/MinDriverInVc/MinDriver/MinDriver.sys
    .sys windows:5 windows x86 arch:x86

    b31d13b9f5ba686accb2a4fe9d3bc565



  • 343623356/MinDriverInVc/MinDriver/Sources
  • 343623356/MinDriverInVc/MinDriverInVc.dsp
  • 343623356/MinDriverInVc/MinDriverInVc.dsw
  • 343623356/MinLSP/InstallExe/INSTLSP.CPP
  • 343623356/MinLSP/InstallExe/INSTLSP.DSP
  • 343623356/MinLSP/MinLSP.dsw
  • 343623356/MinLSP/Release/Install.exe
    .exe windows:4 windows x86 arch:x86

    538dcf89fcdd9e425bb1acf73a2c3e1b



  • 343623356/MinLSP/Release/MinLSP.dll
    .dll windows:4 windows x86 arch:x86

    60b883eda5b75e76468b0b1aa411ca05



  • 343623356/MinLSP/Release/Sporder.Dll
    .dll windows:5 windows x86 arch:x86

    6abd26d532ebd1c429b3b41007e22348



  • 343623356/MinLSP/TcpIpDog/LspServ.def
  • 343623356/MinLSP/TcpIpDog/TcpIpDog.dsp
  • 343623356/MinLSP/TcpIpDog/TcpIpdog.cpp
  • 343623356/MinWinsockSpi/Common/XInstall.cpp
  • 343623356/MinWinsockSpi/Common/XInstall.h
  • 343623356/MinWinsockSpi/InstallExe/InstallExe.cpp
  • 343623356/MinWinsockSpi/InstallExe/InstallExe.dsp
  • 343623356/MinWinsockSpi/InstallExe/StdAfx.cpp
  • 343623356/MinWinsockSpi/InstallExe/StdAfx.h
  • 343623356/MinWinsockSpi/MinWinsockSpi.dsw
  • 343623356/MinWinsockSpi/Release/Install.exe
    .exe windows:4 windows x86 arch:x86

    d5c9d13a702152a67e4c042a6ba19648



  • 343623356/MinWinsockSpi/Release/MinWinsockSpi.dll
    .dll windows:4 windows x86 arch:x86

    64085d225fc93b0d2d973e2e64a8f6a8



  • 343623356/MinWinsockSpi/TcpIpDog/LspServ.def
  • 343623356/MinWinsockSpi/TcpIpDog/TcpIpDog.dsp
  • 343623356/MinWinsockSpi/TcpIpDog/TcpIpdog.cpp
    .vbs
  • 343623356/PacketCapture/Common/Debug.h
  • 343623356/PacketCapture/Common/XInstall.cpp
  • 343623356/PacketCapture/Common/XInstall.h
  • 343623356/PacketCapture/InstallExe/InstallExe.cpp
  • 343623356/PacketCapture/InstallExe/InstallExe.dsp
  • 343623356/PacketCapture/InstallExe/StdAfx.cpp
  • 343623356/PacketCapture/InstallExe/StdAfx.h
  • 343623356/PacketCapture/PacketCapture.dsw
  • 343623356/PacketCapture/Release/Install.exe
    .exe windows:4 windows x86 arch:x86

    d5c9d13a702152a67e4c042a6ba19648



  • 343623356/PacketCapture/Release/TcpIpDog.dll
    .dll windows:4 windows x86 arch:x86

    c8165a27adfe25b105231b4f9da0af29



  • 343623356/PacketCapture/Sample/Sample.txt
  • 343623356/PacketCapture/TcpIpDog/LspServ.def
  • 343623356/PacketCapture/TcpIpDog/Overlapped.cpp
    .js
  • 343623356/PacketCapture/TcpIpDog/Overlapped.h
  • 343623356/PacketCapture/TcpIpDog/STDAFX.H
  • 343623356/PacketCapture/TcpIpDog/StdAfx.cpp
  • 343623356/PacketCapture/TcpIpDog/TcpIpDog.dsp
  • 343623356/PacketCapture/TcpIpDog/TcpIpdog.cpp
    .vbs
  • 343623356/Tools/DumpSpi.exe
    .exe windows:4 windows x86 arch:x86

    3986b83ae58b98a5d1a2d7248fb6b7ef



  • 343623356/XFILTER/Common/Debug.h
  • 343623356/XFILTER/Common/TypeStruct.h
  • 343623356/XFILTER/Common/XCommon.cpp
  • 343623356/XFILTER/Common/XCommon.h
  • 343623356/XFILTER/Common/XFile.cpp
    .js
  • 343623356/XFILTER/Common/XFile.h
  • 343623356/XFILTER/Common/XFileRes.h
  • 343623356/XFILTER/Common/XInstall.cpp
  • 343623356/XFILTER/Common/XInstall.h
  • 343623356/XFILTER/Common/XLogFile.cpp
    .js
  • 343623356/XFILTER/Common/XLogFile.h
  • 343623356/XFILTER/FILELIST.TXT
  • 343623356/XFILTER/Help/Html/CONT0.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT1.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT2.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT3.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT4.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT5.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT6.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT7.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT8.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Html/CONT9.HTM
    .html .vbs polyglot
  • 343623356/XFILTER/Help/Xfilter.chm
    .chm
  • 343623356/XFILTER/Help/Xfilter.h
  • 343623356/XFILTER/Help/Xfilter.hhc
    .html
  • 343623356/XFILTER/Help/Xfilter.hhk
    .html
  • 343623356/XFILTER/Help/Xfilter.hhp
  • 343623356/XFILTER/Lib/HTMLHELP.H
  • 343623356/XFILTER/Lib/HTMLHELP.LIB
  • 343623356/XFILTER/NetCommand/Command.txt
  • 343623356/XFILTER/Property/About.cpp
  • 343623356/XFILTER/Property/About.h
  • 343623356/XFILTER/Property/Acl.cpp
  • 343623356/XFILTER/Property/Acl.h
  • 343623356/XFILTER/Property/AclSet.cpp
  • 343623356/XFILTER/Property/AclSet.h
  • 343623356/XFILTER/Property/GuiRes.h
    .vbs
  • 343623356/XFILTER/Property/HyperLink/Hyperlink.cpp
  • 343623356/XFILTER/Property/HyperLink/Hyperlink.h
  • 343623356/XFILTER/Property/Internet/Internet.cpp
    .js
  • 343623356/XFILTER/Property/Internet/Internet.h
  • 343623356/XFILTER/Property/LogQuery.cpp
    .js
  • 343623356/XFILTER/Property/LogQuery.h
  • 343623356/XFILTER/Property/MainFrame/MainFrame.cpp
  • 343623356/XFILTER/Property/MainFrame/mainframe.h
  • 343623356/XFILTER/Property/MainSheet.cpp
  • 343623356/XFILTER/Property/MainSheet.h
  • 343623356/XFILTER/Property/NetIPAria.cpp
  • 343623356/XFILTER/Property/NetIPAria.h
  • 343623356/XFILTER/Property/NetTimeSheet.cpp
  • 343623356/XFILTER/Property/NetTimeSheet.h
  • 343623356/XFILTER/Property/PacketMonitor.cpp
  • 343623356/XFILTER/Property/PacketMonitor.h
  • 343623356/XFILTER/Property/Property.clw
  • 343623356/XFILTER/Property/Property.cpp
  • 343623356/XFILTER/Property/Property.dsp
  • 343623356/XFILTER/Property/Property.h
  • 343623356/XFILTER/Property/Property.rc
  • 343623356/XFILTER/Property/RES/ABOUT.BMP
  • 343623356/XFILTER/Property/RES/ACLSET.ICO
  • 343623356/XFILTER/Property/RES/ALERTSET.ICO
  • 343623356/XFILTER/Property/RES/APPSET.ICO
  • 343623356/XFILTER/Property/RES/Alert.ico
  • 343623356/XFILTER/Property/RES/BASESET.ICO
  • 343623356/XFILTER/Property/RES/COMMONSET.ICO
  • 343623356/XFILTER/Property/RES/DenyEx1.ico
  • 343623356/XFILTER/Property/RES/Email.ico
  • 343623356/XFILTER/Property/RES/IPSET.ICO
  • 343623356/XFILTER/Property/RES/MEMO.ICO
  • 343623356/XFILTER/Property/RES/Message.ico
  • 343623356/XFILTER/Property/RES/Monitor.ico
  • 343623356/XFILTER/Property/RES/NETSET.ICO
  • 343623356/XFILTER/Property/RES/NULL.ICO
  • 343623356/XFILTER/Property/RES/PassEx1.ico
  • 343623356/XFILTER/Property/RES/Property.ico
  • 343623356/XFILTER/Property/RES/Property.rc2
  • 343623356/XFILTER/Property/RES/QueryEx1.ico
  • 343623356/XFILTER/Property/RES/QueryResult.ico
  • 343623356/XFILTER/Property/RES/QuerySet.ICO
  • 343623356/XFILTER/Property/RES/SPLASH.BMP
  • 343623356/XFILTER/Property/RES/SUPERSET.ICO
  • 343623356/XFILTER/Property/RES/TIMESET.ICO
  • 343623356/XFILTER/Property/RES/UserInfo.ico
  • 343623356/XFILTER/Property/RES/Xfilter.ico
  • 343623356/XFILTER/Property/RESOURCE.H
  • 343623356/XFILTER/Property/Register.cpp
  • 343623356/XFILTER/Property/Register.h
  • 343623356/XFILTER/Property/SetNet.cpp
  • 343623356/XFILTER/Property/SetNet.h
  • 343623356/XFILTER/Property/SetTime.cpp
  • 343623356/XFILTER/Property/SetTime.h
  • 343623356/XFILTER/Property/Splash.cpp
  • 343623356/XFILTER/Property/Splash.h
  • 343623356/XFILTER/Property/StdAfx.cpp
  • 343623356/XFILTER/Property/StdAfx.h
  • 343623356/XFILTER/Property/SystemSet.cpp
  • 343623356/XFILTER/Property/SystemSet.h
  • 343623356/XFILTER/Property/SystemTray/SystemTray.cpp
  • 343623356/XFILTER/Property/SystemTray/SystemTray.h
  • 343623356/XFILTER/Release/XACL.CFG
  • 343623356/XFILTER/Release/Xfilter.chm
    .chm
  • 343623356/XFILTER/Release/Xfilter.dll
    .dll windows:4 windows x86 arch:x86

    2dcdd3959ed519ef99249037869bdbea



  • 343623356/XFILTER/Release/Xfilter.exe
    .exe windows:4 windows x86 arch:x86

    df0a93732815a957972f6554c43fe9d7



  • 343623356/XFILTER/Setup/Files/Xfilter.chm
    .chm
  • 343623356/XFILTER/Setup/Files/Xfilter.dll
    .dll windows:4 windows x86 arch:x86

    9a31e5a9d3b859960ea35302d615979b



  • 343623356/XFILTER/Setup/Files/Xfilter.exe
    .exe windows:4 windows x86 arch:x86

    df0a93732815a957972f6554c43fe9d7



  • 343623356/XFILTER/Setup/Xfilter102.EXE
    .exe windows:4 windows x86 arch:x86

    fc1300250f0ecc0cf4491b54efe75246



  • 343623356/XFILTER/Setup/Xfilter102.wse
  • 343623356/XFILTER/TcpIpDog/CheckAcl.cpp
  • 343623356/XFILTER/TcpIpDog/CheckAcl.h
  • 343623356/XFILTER/TcpIpDog/Codes.h
  • 343623356/XFILTER/TcpIpDog/LspServ.def
  • 343623356/XFILTER/TcpIpDog/Overlapped.cpp
    .js
  • 343623356/XFILTER/TcpIpDog/Overlapped.h
  • 343623356/XFILTER/TcpIpDog/ProtocolInfo.cpp
  • 343623356/XFILTER/TcpIpDog/ProtocolInfo.h
  • 343623356/XFILTER/TcpIpDog/StdAfx.cpp
  • 343623356/XFILTER/TcpIpDog/StdAfx.h
  • 343623356/XFILTER/TcpIpDog/TcpIpDog.dsp
  • 343623356/XFILTER/TcpIpDog/TcpIpDog.h
  • 343623356/XFILTER/TcpIpDog/TcpIpdog.cpp
    .vbs
  • 343623356/XFILTER/Xfilter.dsw
  • 343623356/xpassthru/MAKEFILE
  • 343623356/xpassthru/MINIHOOK.C
  • 343623356/xpassthru/MINIHOOK.H
  • 343623356/xpassthru/PACKET.H
  • 343623356/xpassthru/PREXSIM.H
  • 343623356/xpassthru/PROTHOOK.C
  • 343623356/xpassthru/PROTHOOK.H
  • 343623356/xpassthru/Packet.c
  • 343623356/xpassthru/RECV.C
  • 343623356/xpassthru/RESOURCE.H
  • 343623356/xpassthru/SEND.C
  • 343623356/xpassthru/SOURCES
  • 343623356/xpassthru/Sample/SampleLog.txt
  • 343623356/xpassthru/Setup/XFTOWIN.INF
  • 343623356/xpassthru/Setup/XPASSTHRU.sys
    .sys windows:5 windows x86 arch:x86

    050dd5acd9ad2bdeb8dbc3cf907871fb



  • 343623356/xpassthru/Setup/XSFILTER.DLL
    .dll regsvr32 windows:5 windows x86 arch:x86

    0a77860539ee78aee0b360dbd4ff131a



  • 343623356/xpassthru/Setup/xpassthru.inf
  • 343623356/xpassthru/xpassthru.c
  • 343623356/xpassthru/xpassthru.h
  • 343623356/xpassthru/xpassthru.rc
  • 343623356/下载说明.htm
    .html .js polyglot
  • 343623356/读者调查表.doc
    .doc windows office2003