Overview
overview
3
Static
static
1
Bbsindex.vbs
windows7-x64
1
Bbsindex.vbs
windows10-2004-x64
1
Bbsindex0.vbs
windows7-x64
1
Bbsindex0.vbs
windows10-2004-x64
1
Bbsindex1.vbs
windows7-x64
1
Bbsindex1.vbs
windows10-2004-x64
1
Bbsindex2.vbs
windows7-x64
1
Bbsindex2.vbs
windows10-2004-x64
1
Cxjg.asp
windows7-x64
3
Cxjg.asp
windows10-2004-x64
3
Cxjgdisplay.vbs
windows7-x64
1
Cxjgdisplay.vbs
windows10-2004-x64
1
Cxjgdisplayxianxi.vbs
windows7-x64
1
Cxjgdisplayxianxi.vbs
windows10-2004-x64
1
Displaycxjg.vbs
windows7-x64
1
Displaycxjg.vbs
windows10-2004-x64
1
Function.vbs
windows7-x64
1
Function.vbs
windows10-2004-x64
1
Incfirst.vbs
windows7-x64
1
Incfirst.vbs
windows10-2004-x64
1
Incone.asp
windows7-x64
3
Incone.asp
windows10-2004-x64
3
Incsub.vbs
windows7-x64
1
Incsub.vbs
windows10-2004-x64
1
Inctwo.vbs
windows7-x64
1
Inctwo.vbs
windows10-2004-x64
1
Intro.asp
windows7-x64
3
Intro.asp
windows10-2004-x64
3
Logincxjg.vbs
windows7-x64
1
Logincxjg.vbs
windows10-2004-x64
1
Md5.vbs
windows7-x64
1
Md5.vbs
windows10-2004-x64
1
Static task
static1
Behavioral task
behavioral1
Sample
Bbsindex.vbs
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Bbsindex.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral3
Sample
Bbsindex0.vbs
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
Bbsindex0.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral5
Sample
Bbsindex1.vbs
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
Bbsindex1.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral7
Sample
Bbsindex2.vbs
Resource
win7-20240704-en
Behavioral task
behavioral8
Sample
Bbsindex2.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral9
Sample
Cxjg.asp
Resource
win7-20240729-en
Behavioral task
behavioral10
Sample
Cxjg.asp
Resource
win10v2004-20240802-en
Behavioral task
behavioral11
Sample
Cxjgdisplay.vbs
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
Cxjgdisplay.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral13
Sample
Cxjgdisplayxianxi.vbs
Resource
win7-20240708-en
Behavioral task
behavioral14
Sample
Cxjgdisplayxianxi.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral15
Sample
Displaycxjg.vbs
Resource
win7-20240708-en
Behavioral task
behavioral16
Sample
Displaycxjg.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral17
Sample
Function.vbs
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
Function.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral19
Sample
Incfirst.vbs
Resource
win7-20240708-en
Behavioral task
behavioral20
Sample
Incfirst.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral21
Sample
Incone.asp
Resource
win7-20240704-en
Behavioral task
behavioral22
Sample
Incone.asp
Resource
win10v2004-20240802-en
Behavioral task
behavioral23
Sample
Incsub.vbs
Resource
win7-20240729-en
Behavioral task
behavioral24
Sample
Incsub.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral25
Sample
Inctwo.vbs
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
Inctwo.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral27
Sample
Intro.asp
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
Intro.asp
Resource
win10v2004-20240802-en
Behavioral task
behavioral29
Sample
Logincxjg.vbs
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
Logincxjg.vbs
Resource
win10v2004-20240802-en
Behavioral task
behavioral31
Sample
Md5.vbs
Resource
win7-20240704-en
Behavioral task
behavioral32
Sample
Md5.vbs
Resource
win10v2004-20240802-en
General
-
Target
da6ec2d1d2d81294b0fde632b0861828_JaffaCakes118
-
Size
617KB
-
MD5
da6ec2d1d2d81294b0fde632b0861828
-
SHA1
1805965240144a2db851b09b68cdeb51ec65e88e
-
SHA256
dff16fd373828e563793d0c8c464a99a2fff10a3c5be8c263c58a1f01dd6c2de
-
SHA512
c4bf617d39e34e07f51dd2a333d341a77d789abaa5c65798102625efc1d09ee859fd775147292c395102f9c5daf589c6887c3be50e1a20b2588ddb2d27a2073d
-
SSDEEP
12288:U9dr13LyhscHd/FVJ1GVL8E9cdGLFSF3eeNtDsYtiTeC:OD2X7VJA5J+GgeUBCeC
Malware Config
Signatures
Files
-
da6ec2d1d2d81294b0fde632b0861828_JaffaCakes118.rar
-
#jd100.mdb
-
25175css_pro.css
-
Bbsindex.asp.vbs
-
Bbsindex0.asp.vbs
-
Bbsindex1.asp.vbs
-
Bbsindex2.asp.vbs
-
Cxjg.asp
-
Cxjgdisplay.asp.vbs
-
Cxjgdisplayxianxi.asp.vbs
-
Displaycxjg.asp.vbs
-
Function.asp.vbs
-
Incfirst.asp.vbs
-
Incone.asp
-
Incsub.asp.vbs
-
Inctwo.asp.vbs
-
Intro.asp
-
Logincxjg.asp.vbs
-
Md5.asp.vbs
-
Newxsfk.asp.vbs
-
Out.asp
-
Pingjia.asp.vbs
-
Pingjiaok.asp.vbs
-
Pjrk.asp
-
Regdisplay.asp.vbs
-
Regok.asp.vbs
-
Regselect.asp.vbs
-
Regsubmit.asp.vbs
-
Tanchu.asp.html
-
TeacherMp.asp.vbs
-
Teacherfkok.asp.vbs
-
Teacherscorel.asp.vbs
-
UserUpdate.asp.vbs
-
Userinfo.asp.vbs
-
Usertuichu.asp
-
Xsfk.asp
-
Xsfkteacher.asp.vbs
-
Xsfkteacherone.asp.vbs
-
a25175_Notice.asp.vbs
-
a25175_addxsfk.asp
-
a25175_conn.asp.vbs
-
a25175_inc.asp.vbs
-
a25175_top.asp
-
a25175bbs_conn.asp.vbs
-
database/hrbu.mdb
-
database/新云软件.url.url
-
dir.txt
-
flashballot/ballot.asp.vbs
-
flashballot/ballot.swf
-
flashballot/ballot_a.asp.vbs
-
flashballot/conn.asp.vbs
-
flashballot/css.css
-
flashballot/editballot.asp.vbs
-
flashballot/editpass.asp.vbs
-
flashballot/index.htm.html
-
flashballot/login.asp.vbs
-
flashballot/logout.asp
-
foot.asp
-
images/007.gif.gif
-
images/0413.jpg.jpg
-
images/ADMINLEFT.jpg.jpg
-
images/FootBg.gif.gif
-
images/FootBg.jpg.jpg
-
images/FootBg.png.png
-
images/GroupManager.bmp
-
images/GroupOwner.bmp
-
images/GroupPreventMsg.bmp
-
images/Gzone.png.png
-
images/InvisibleTag.bmp
-
images/Modifyp.png.png
-
images/QQ_d.gif.gif
-
images/admin.gif.gif
-
images/admin0.gif.gif
-
images/bg.gif.gif
-
images/cqball.gif.gif
-
images/display1.gif.gif
-
images/display2.gif.gif
-
images/display3.gif.gif
-
images/display4.GIF.gif
-
images/face12.gif.gif
-
images/face4.gif.gif
-
images/face5.gif.gif
-
images/foot.jpg.jpg
-
images/icon-1.gif.gif
-
images/icon-21.gif.gif
-
images/icon-22.gif.gif
-
images/im_info.bmp
-
images/left.jpg.jpg
-
images/leftA.jpg.jpg
-
images/left_r1_c1.jpg.jpg
-
images/left_r2_c1.jpg.jpg
-
images/left_r3_c1.jpg.jpg
-
images/left_r4_c1.jpg.jpg
-
images/left_r4_c1_r1_c1.jpg.jpg
-
images/left_r4_c1_r1_c2.jpg.jpg
-
images/left_r4_c1_r1_c3.jpg.jpg
-
images/left_r4_c1_r2_c2.jpg.jpg
-
images/leftbiao1.gif.gif
-
images/leftbiao2.gif.gif
-
images/leftbiao3.gif.gif
-
images/lefttiao.jpg.jpg
-
images/loading_16x16.gif.gif
-
images/login.gif.gif
-
images/mclose.gif.gif
-
images/modifyp.gif.gif
-
images/new.gif.gif
-
images/nmain_searchbutton.gif.gif
-
images/on.gif.gif
-
images/photo_JobSeekers_cn.gif.gif
-
images/pingbanner.jpg.jpg
-
images/pingbanner1.jpg.jpg
-
images/rec.gif.gif
-
images/reg.gif.gif
-
images/right.jpg.jpg
-
images/right_r1_c2.jpg.jpg
-
images/right_r1_c4.jpg.jpg
-
images/right_r1_c6.jpg.jpg
-
images/right_r1_c7.jpg.jpg
-
images/right_r1_c8.jpg.jpg
-
images/right_r2_c6.jpg.jpg
-
images/right_r2_c8.jpg.jpg
-
images/right_r2_c9.jpg.jpg
-
images/right_r3_c6.jpg.jpg
-
images/right_r3_c7.jpg.jpg
-
images/right_r4_c6.jpg.jpg
-
images/right_r4_c8.jpg.jpg
-
images/right_r5_c6.jpg.jpg
-
images/right_r5_c7.jpg.jpg
-
images/right_r6_c6.jpg.jpg
-
images/rightbg.jpg.jpg
-
images/rightbg.png.png
-
images/rightright.jpg.jpg
-
images/righttop.jpg.jpg
-
images/schoolx3_01.gif.gif
-
images/schoolx3_02.gif.gif
-
images/schoolx3_03.gif.gif
-
images/schoolx3_04.gif.gif
-
images/schoolx3_05.gif.gif
-
images/schoolx3_06.gif.gif
-
images/schoolx3_07-14.gif.gif
-
images/schoolx3_07.gif.gif
-
images/schoolx3_08.gif.gif
-
images/schoolx3_09.gif.gif
-
images/schoolx3_10.gif.gif
-
images/schoolx3_11.gif.gif
-
images/schoolx3_12.gif.gif
-
images/schoolx3_14.gif.gif
-
images/schoolx3_15.gif.gif
-
images/schoolx3_16.gif.gif
-
images/schoolx3_17.gif.gif
-
images/schoolx3_18.jpg.jpg
-
images/schoolx3_19.gif.gif
-
images/searchbuttom_49.gif.gif
-
images/spacer.gif.gif
-
images/student.gif.gif
-
images/suiji/0.gif.gif
-
images/suiji/1.gif.gif
-
images/suiji/2.gif.gif
-
images/suiji/3.gif.gif
-
images/suiji/4.gif.gif
-
images/suiji/5.gif.gif
-
images/suiji/6.gif.gif
-
images/suiji/7.gif.gif
-
images/suiji/8.gif.gif
-
images/suiji/9.gif.gif
-
images/suiji/Thumbs.db
-
images/teacher.gif.gif
-
images/tongyi.gif.gif
-
images/tongyi.png.png
-
images/top.jpg.jpg
-
images/xia1.jpg.jpg
-
images/xia2.jpg.jpg
-
images/xia3.jpg.jpg
-
images/xia4.jpg.jpg
-
images/xia5.jpg.jpg
-
images/xia6.jpg.jpg
-
images/xianxi.gif.gif
-
images/xianxixinxi.gif.gif
-
images/xin.gif.gif
-
images/xsfkone.gif.gif
-
images/xxxx.gif.gif
-
images/xxxx.png.png
-
images/分隔符.gif.gif
-
img/1101.gif.gif
-
img/1102.gif.gif
-
img/1103.gif.gif
-
img/1104.gif.gif
-
img/1105.gif.gif
-
img/1106.gif.gif
-
img/1107.gif.gif
-
img/1108.gif.gif
-
img/1109.gif.gif
-
img/1110.gif.gif
-
img/1111.gif.gif
-
img/2101.gif.gif
-
img/2102.gif.gif
-
img/2103.gif.gif
-
img/2104.gif.gif
-
img/2105.gif.gif
-
img/2106.gif.gif
-
img/2107.gif.gif
-
img/2108.gif.gif
-
img/2109.gif.gif
-
img/2110.gif.gif
-
img/2111.gif.gif
-
img/T_bottombg.gif.gif
-
img/T_bottomleft.gif.gif
-
img/T_bottomright.gif.gif
-
img/T_left.gif.gif
-
img/T_right.gif.gif
-
img/Thumbs.db
-
img/Tt_bg.gif.gif
-
img/Ubb_bold.gif.gif
-
img/Ubb_center.gif.gif
-
img/Ubb_email.gif.gif
-
img/Ubb_image.gif.gif
-
img/Ubb_italicize.gif.gif
-
img/Ubb_swf.gif.gif
-
img/Ubb_underline.gif.gif
-
img/Ubb_url.gif.gif
-
img/back.gif.gif
-
img/bookbg.gif.gif
-
img/come.gif.gif
-
img/del.gif.gif
-
img/email.gif.gif
-
img/homepage.gif.gif
-
img/ip.gif.gif
-
img/istop.gif.gif
-
img/jd-to-1.gif.gif
-
img/jd-to.gif.gif
-
img/jd100.css
-
img/oicq.gif.gif
-
img/post.gif.gif
-
img/post1.gif.gif
-
img/reply.gif.gif
-
img/ubb_img.gif.gif
-
img/xsfkteacher.gif.gif
-
index.asp.vbs
-
left.asp
-
login.asp.vbs
-
pingjiaone.asp.vbs
-
readme.txt
-
reg.asp
-
right.asp
-
teacherfkinfo.asp.vbs
-
top.asp
-
xia1.asp
-
xia2.asp
-
xia3.asp
-
xia4.asp
-
xia5.asp
-
xia6.asp