General

  • Target

    eaaef63dce1b560a80b44f5672c04ab5_JaffaCakes118

  • Size

    1.7MB

  • MD5

    eaaef63dce1b560a80b44f5672c04ab5

  • SHA1

    301f93d0b555202fc1cea84b766dfb514a699a7a

  • SHA256

    9bf8badbecd1ec3764f3c69cb193675162aa85b3639144309a71a96773b5ba63

  • SHA512

    e1cda27c1b02ee636b8561df11e347b31d5c718a350acc29ada40f540f78dfc040c57f34ba241dbd4732181fd4e380a86a39a3264b0d91d0ace6a5154233d29a

  • SSDEEP

    49152:/zF1UZzWtHP7wMxIgwgt+oPzkYYUgBQRRmR9CF1:xOZzW57nygkUgB4RmW3

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • eaaef63dce1b560a80b44f5672c04ab5_JaffaCakes118
    .rar
  • 152217180/ActiveFormImpl1.dcu
  • 152217180/ActiveFormProj1.ocx
    .dll regsvr32 windows:4 windows x86 arch:x86


  • 152217180/ActiveFormProj1_TLB.dcu
  • 152217180/Files/0044.GIF
    .gif
  • 152217180/Files/14.JPG
    .jpg
  • 152217180/Files/FRMLOG1.gif
    .gif
  • 152217180/Files/Key.dat
  • 152217180/Files/Thumbs.db
  • 152217180/Files/image001.gif
    .gif
  • 152217180/Files/image002.gif
    .gif
  • 152217180/Files/wleft.gif
    .gif
  • 152217180/Files/wright.gif
    .gif
  • 152217180/Key.dat
  • 152217180/Project1.iwb
  • 152217180/ServerController.dcu
  • 152217180/ServerController.ddp
  • 152217180/ServerController.dfm
  • 152217180/ServerController.pas
  • 152217180/ServerController.~ddp
  • 152217180/ServerController.~dfm
  • 152217180/ServerController.~pas
  • 152217180/Templates/FRMLOG.htmL
    .html
  • 152217180/Templates/IWFRMGUEST.htmL
    .html
  • 152217180/U_guestMain.dcu
  • 152217180/U_guestMain.ddp
  • 152217180/U_guestMain.dfm
  • 152217180/U_guestMain.pas
  • 152217180/U_guestMain.~ddp
  • 152217180/U_guestMain.~dfm
  • 152217180/U_guestMain.~pas
  • 152217180/Unit1.dcu
  • 152217180/Unit1.ddp
  • 152217180/Unit1.dfm
  • 152217180/Unit1.pas
  • 152217180/Unit1.~dfm
  • 152217180/Unit1.~pas
  • 152217180/Unit2.dcu
  • 152217180/Unit3.dcu
  • 152217180/UserSessionUnit.dcu
  • 152217180/Ustring.dcu
  • 152217180/Ustring.~pas
    .js
  • 152217180/_mytsjydll/Files/0044.GIF
    .gif
  • 152217180/_mytsjydll/Files/14.JPG
    .jpg
  • 152217180/_mytsjydll/Files/FRMLOG1.gif
    .gif
  • 152217180/_mytsjydll/Files/Key.dat
  • 152217180/_mytsjydll/Files/Thumbs.db
  • 152217180/_mytsjydll/Files/image001.gif
    .gif
  • 152217180/_mytsjydll/Files/image002.gif
    .gif
  • 152217180/_mytsjydll/Files/wleft.gif
    .gif
  • 152217180/_mytsjydll/Files/wright.gif
    .gif
  • 152217180/_mytsjydll/Templates/FRMLOG.htmL
    .html
  • 152217180/_mytsjydll/Templates/IWFRMGUEST.htmL
    .html
  • 152217180/_mytsjydll/cm.udl
  • 152217180/_mytsjydll/global.txt
  • 152217180/_mytsjydll/s.dll
    .dll windows:4 windows x86 arch:x86


  • 152217180/_mytsjydll/tsjy.ldb
  • 152217180/_mytsjydll/tsjy.mdb
  • 152217180/frmqk.dfm
  • 152217180/frmqk.pas
  • 152217180/global.txt
  • 152217180/other/RegObj.dcu
  • 152217180/other/RegObj.pas
  • 152217180/other/RegObj.~pas
  • 152217180/other/Ustring.dcu
  • 152217180/other/Ustring.pas
    .js
  • 152217180/other/Ustring.~pas
    .js
  • 152217180/other/rsFileVersion.dcu
  • 152217180/other/rsFileVersion.pas
  • 152217180/other/注册机tsgl/Project1.cfg
  • 152217180/other/注册机tsgl/Project1.dof
  • 152217180/other/注册机tsgl/Project1.dpr
  • 152217180/other/注册机tsgl/Project1.exe
    .exe windows:4 windows x86 arch:x86


  • 152217180/other/注册机tsgl/Project1.res
  • 152217180/other/注册机tsgl/Project1.~dpr
  • 152217180/other/注册机tsgl/Unit1.dcu
  • 152217180/other/注册机tsgl/Unit1.dfm
  • 152217180/other/注册机tsgl/Unit1.pas
  • 152217180/other/注册机tsgl/Unit1.~dfm
  • 152217180/other/注册机tsgl/Unit1.~pas
  • 152217180/other/注册机tsgl/Ustring.dcu
  • 152217180/other/注册机tsgl/Ustring.pas
    .js
  • 152217180/s.cfg
  • 152217180/s.dof
  • 152217180/s.iwb
  • 152217180/s.res
  • 152217180/s.~dpr
  • 152217180/tempuntmain.dcu
  • 152217180/tempuntmain.ddp
  • 152217180/tempuntmain.dfm
  • 152217180/tempuntmain.pas
  • 152217180/tempuntmain.~ddp
  • 152217180/tempuntmain.~dfm
  • 152217180/tempuntmain.~pas
  • 152217180/tsjy.mdb
  • 152217180/unqkbasic.dcu
  • 152217180/unqkbasic.ddp
  • 152217180/unqkbasic.dfm
  • 152217180/unqkbasic.pas
  • 152217180/unqkbasic.~ddp
  • 152217180/unqkbasic.~dfm
  • 152217180/unqkbasic.~pas
  • 152217180/untback.dcu
  • 152217180/untback.dfm
  • 152217180/untback.pas
  • 152217180/untexpire.dcu
  • 152217180/untexpire.ddp
  • 152217180/untexpire.dfm
  • 152217180/untexpire.pas
  • 152217180/untexpire.~ddp
  • 152217180/untexpire.~dfm
  • 152217180/untexpire.~pas
  • 152217180/untframe.dcu
  • 152217180/untframe.ddp
  • 152217180/untframe.dfm
  • 152217180/untframe.pas
  • 152217180/untframe.~ddp
  • 152217180/untframe.~dfm
  • 152217180/untframe.~pas
  • 152217180/untguest.dcu
  • 152217180/untguest.ddp
  • 152217180/untguest.dfm
  • 152217180/untguest.pas
  • 152217180/untguest.~ddp
  • 152217180/untguest.~dfm
  • 152217180/untguest.~pas
  • 152217180/untlog.dcu
  • 152217180/untlog.ddp
  • 152217180/untlog.dfm
  • 152217180/untlog.pas
  • 152217180/untlog.~ddp
  • 152217180/untlog.~dfm
  • 152217180/untlog.~pas
  • 152217180/untluru.dcu
  • 152217180/untluru.ddp
  • 152217180/untluru.dfm
  • 152217180/untluru.pas
  • 152217180/untluru.~ddp
  • 152217180/untluru.~dfm
  • 152217180/untluru.~pas
  • 152217180/untmgdept.dcu
  • 152217180/untmgdept.ddp
  • 152217180/untmgdept.dfm
  • 152217180/untmgdept.pas
  • 152217180/untmgdept.~ddp
  • 152217180/untmgdept.~dfm
  • 152217180/untmgdept.~pas
  • 152217180/untmgread.dcu
  • 152217180/untmgread.ddp
  • 152217180/untmgread.dfm
  • 152217180/untmgread.pas
  • 152217180/untmgread.~ddp
  • 152217180/untmgread.~dfm
  • 152217180/untmgread.~pas
  • 152217180/untmguser.dcu
  • 152217180/untmguser.ddp
  • 152217180/untmguser.dfm
  • 152217180/untmguser.pas
  • 152217180/untmguser.~ddp
  • 152217180/untmguser.~dfm
  • 152217180/untmguser.~pas
  • 152217180/untnewbook.dcu
  • 152217180/untnewbook.ddp
  • 152217180/untnewbook.dfm
  • 152217180/untnewbook.pas
  • 152217180/untnewbook.~ddp
  • 152217180/untnewbook.~dfm
  • 152217180/untnewbook.~pas
  • 152217180/untpassword.dcu
  • 152217180/untpassword.ddp
  • 152217180/untpassword.dfm
  • 152217180/untpassword.pas
  • 152217180/untpassword.~ddp
  • 152217180/untpassword.~dfm
  • 152217180/untpassword.~pas
  • 152217180/untpub.dcu
  • 152217180/untpub.ddp
  • 152217180/untpub.dfm
  • 152217180/untpub.pas
  • 152217180/untpub.~ddp
  • 152217180/untpub.~dfm
  • 152217180/untpub.~pas
  • 152217180/untqkluru.dcu
  • 152217180/untqkluru.ddp
  • 152217180/untqkluru.dfm
  • 152217180/untqkluru.pas
  • 152217180/untqkluru.~ddp
  • 152217180/untqkluru.~dfm
  • 152217180/untqkluru.~pas
  • 152217180/untqkluru22.dcu
  • 152217180/untqkluru22.ddp
  • 152217180/untqkluru22.dfm
  • 152217180/untqkluru22.pas
  • 152217180/untqkluru22.~ddp
  • 152217180/untqkluru22.~dfm
  • 152217180/untqkluru22.~pas
  • 152217180/untreadifo.dcu
  • 152217180/untreadifo.ddp
  • 152217180/untreadifo.dfm
  • 152217180/untreadifo.pas
  • 152217180/untreadifo.~ddp
  • 152217180/untreadifo.~dfm
  • 152217180/untreadifo.~pas
  • 152217180/untreg.dcu
  • 152217180/untreg.ddp
  • 152217180/untreg.dfm
  • 152217180/untreg.pas
  • 152217180/untreg.~ddp
  • 152217180/untreg.~dfm
  • 152217180/untreg.~pas
  • 152217180/untreturn.dcu
  • 152217180/untreturn.ddp
  • 152217180/untreturn.dfm
  • 152217180/untreturn.pas
  • 152217180/untreturn.~ddp
  • 152217180/untreturn.~dfm
  • 152217180/untreturn.~pas
  • 152217180/untsbook.dcu
  • 152217180/untsbook.ddp
  • 152217180/untsbook.dfm
  • 152217180/untsbook.pas
  • 152217180/untsbook.~ddp
  • 152217180/untsbook.~dfm
  • 152217180/untsbook.~pas
  • 152217180/untselectbook.dfm
  • 152217180/untsqk.dcu
  • 152217180/untsqk.ddp
  • 152217180/untsqk.dfm
  • 152217180/untsqk.pas
  • 152217180/untsqk.~ddp
  • 152217180/untsqk.~dfm
  • 152217180/untsqk.~pas
  • 152217180/untsread.dcu
  • 152217180/untsread.ddp
  • 152217180/untsread.dfm
  • 152217180/untsread.pas
  • 152217180/untsread.~ddp
  • 152217180/untsread.~dfm
  • 152217180/untsread.~pas
  • 152217180/untszglob.dcu
  • 152217180/untszglob.ddp
  • 152217180/untszglob.dfm
  • 152217180/untszglob.pas
  • 152217180/untszglob.~ddp
  • 152217180/untszglob.~dfm
  • 152217180/untszglob.~pas
  • 152217180/unttemp.dcu
  • 152217180/unttemp.ddp
  • 152217180/unttemp.dfm
  • 152217180/unttemp.pas
  • 152217180/unttemp.~ddp
  • 152217180/unttemp.~dfm
  • 152217180/unttemp.~pas
  • 152217180/weblib2004.cfg
  • 152217180/weblib2004.dll
    .dll windows:4 windows x86 arch:x86


  • 152217180/weblib2004.dof
  • 152217180/weblib2004.dpr
  • 152217180/weblib2004.exe
    .exe windows:4 windows x86 arch:x86


  • 152217180/weblib2004.iwb
  • 152217180/weblib2004.~dpr
  • 152217180/下载说明.htm
    .html .js polyglot