Errors
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-fil>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
Reason
expected element type <jnlp> but have <jnlp-file>
General
-
Target
CripsyTlow (peng).zip
-
Size
31.4MB
-
MD5
647c0d13c6c974da1b16839f2559c08b
-
SHA1
d759bf1904c9721d666117a6d6792a78aa6e423b
-
SHA256
7caedc8baef35aadaeaf7f264f3d2016fee3b3b6435d7a1486cd6a26222bd1db
-
SHA512
ea24bae74b6a08dd04d224961cfb7efa402f2bd631ced42e03d6eb12b0910caf432d1d472857a7ec5bb8fcba09e8bf4f2113c02908182bf85660fe5c40f713d0
-
SSDEEP
786432:bGNsUepct5Wfw99giquvYgvjShHye6uOZBdT13pESsDdlB:SNsU55Wfw99jqUYgvWpye6uqdTPPsDd7
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
CripsyTlow (peng).zip
Password: peng
-
DansiFlop.exe
Password: peng
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
jres/COPYRIGHT
-
jres/LICENSE
-
jres/README.txt
-
jres/THIRDPARTYLICENSEREADME-JAVAFX.txt
-
jres/THIRDPARTYLICENSEREADME.txt
-
jres/Welcome.html
-
jres/bin/client/Xusage.txt
-
jres/doc/COPYRIGHT
-
jres/doc/LICENSE
-
jres/doc/README.txt
-
jres/doc/THIRDPARTYLICENSEREADME-JAVAFX.txt
-
jres/doc/THIRDPARTYLICENSEREADME.txt
-
jres/doc/Welcome.html
-
jres/doc/lib/accessibility.properties
-
jres/doc/lib/calendars.properties
-
jres/doc/lib/classlist
-
jres/doc/lib/cmm/CIEXYZ.pf
-
jres/doc/lib/cmm/GRAY.pf
-
jres/doc/lib/cmm/LINEAR_RGB.pf
-
jres/doc/lib/cmm/PYCC.pf
-
jres/doc/lib/cmm/sRGB.pf
-
jres/doc/lib/content-types.properties
-
jres/doc/lib/currency.data
-
jres/doc/lib/deploy.jar
-
jres/doc/lib/flavormap.properties
-
jres/doc/lib/fontconfig.bfc
-
jres/doc/lib/fontconfig.properties.src
-
jres/doc/lib/fonts/LucidaBrightDemiBold.ttf
-
jres/doc/lib/fonts/LucidaBrightDemiItalic.ttf
-
jres/doc/lib/fonts/LucidaBrightItalic.ttf
-
jres/doc/lib/fonts/LucidaBrightRegular.ttf
-
jres/doc/lib/fonts/LucidaSansDemiBold.ttf
-
jres/doc/lib/fonts/LucidaSansRegular.ttf
-
jres/doc/lib/fonts/LucidaTypewriterBold.ttf
-
jres/doc/lib/fonts/LucidaTypewriterRegular.ttf
-
jres/doc/lib/hijrah-config-umalqura.properties
-
jres/doc/lib/i386/jvm.cfg
-
jres/doc/lib/images/cursors/cursors.properties
-
jres/doc/lib/images/cursors/invalid32x32.gif
-
jres/doc/lib/images/cursors/win32_CopyDrop32x32.gif
-
jres/doc/lib/images/cursors/win32_CopyNoDrop32x32.gif
-
jres/doc/lib/images/cursors/win32_LinkDrop32x32.gif
-
jres/doc/lib/images/cursors/win32_LinkNoDrop32x32.gif
-
jres/doc/lib/images/cursors/win32_MoveDrop32x32.gif
-
jres/doc/lib/images/cursors/win32_MoveNoDrop32x32.gif
-
jres/doc/lib/javafx.properties
-
jres/doc/lib/javaws.jar
-
jres/doc/lib/jce.jar
-
jres/doc/lib/jfr.jar
-
jres/doc/lib/jfr/default.jfc
-
jres/doc/lib/jfr/profile.jfc
-
jres/doc/lib/jfxswt.jar
-
jres/doc/lib/jsse.jar
-
jres/doc/lib/jvm.hprof.txt
-
jres/doc/lib/logging.properties
-
jres/doc/lib/management-agent.jar
-
jres/doc/lib/management/jmxremote.access
-
jres/doc/lib/management/jmxremote.password.template
-
jres/doc/lib/management/management.properties
-
jres/doc/lib/management/snmp.acl.template
-
jres/doc/lib/meta-index
-
jres/doc/lib/net.properties
-
jres/doc/lib/plugin.jar
-
jres/doc/lib/psfont.properties.ja
-
jres/doc/lib/psfontj2d.properties
-
jres/doc/lib/resources.jar
-
jres/doc/lib/security/US_export_policy.jar
-
jres/doc/lib/security/blacklist
-
jres/doc/lib/security/blacklisted.certs
-
jres/doc/lib/security/cacerts
-
jres/doc/lib/security/java.policy
-
jres/doc/lib/security/java.security
-
jres/doc/lib/security/javaws.policy
-
jres/doc/lib/security/local_policy.jar
-
jres/doc/lib/sound.properties
-
jres/doc/lib/tzdb.dat
-
jres/doc/lib/tzmappings
-
jres/doc/release
-
jres/lib/accessibility.properties
-
jres/lib/calendars.properties
-
jres/lib/charsets.jar
-
jres/lib/classlist
-
jres/lib/cmm/CIEXYZ.pf
-
jres/lib/cmm/GRAY.pf
-
jres/lib/cmm/LINEAR_RGB.pf
-
jres/lib/cmm/PYCC.pf
-
jres/lib/cmm/sRGB.pf
-
jres/lib/content-types.properties
-
jres/lib/currency.data
-
jres/lib/deploy.jar
-
jres/lib/deploy/ffjcext.zip
Password: peng
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome.manifest
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/content/ffjcext/ffjcext.js
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/content/ffjcext/ffjcext.xul
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/de-DE/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/en-US/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/es-ES/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/fr-FR/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/it-IT/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/ja-JP/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/ko-KR/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/sv-SE/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/zh-CN/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/chrome/locale/zh-TW/ffjcext/ffjcext.dtd
-
{CAFEEFAC-0018-0000-0101-ABCDEFFEDCBA}/install.rdf
-
jres/lib/deploy/messages.properties
-
jres/lib/deploy/messages_de.properties
-
jres/lib/deploy/messages_es.properties
-
jres/lib/deploy/messages_fr.properties
-
jres/lib/deploy/messages_it.properties
-
jres/lib/deploy/messages_ja.properties
-
jres/lib/deploy/messages_ko.properties
-
jres/lib/deploy/messages_pt_BR.properties
-
jres/lib/deploy/messages_sv.properties
-
jres/lib/deploy/messages_zh_CN.properties
-
jres/lib/deploy/messages_zh_HK.properties
-
jres/lib/deploy/messages_zh_TW.properties
-
jres/lib/deploy/splash.gif
-
jres/lib/deploy/[email protected]
-
jres/lib/deploy/splash_11-lic.gif
-
jres/lib/deploy/[email protected]
-
jres/lib/ext/access-bridge-32.jar
-
jres/lib/ext/access-bridge.jar
-
jres/lib/ext/cldrdata.jar
-
jres/lib/ext/dnsns.jar
-
jres/lib/ext/jaccess.jar
-
jres/lib/ext/localedata.jar
-
jres/lib/ext/meta-index
-
jres/lib/ext/nashorn.jar
-
jres/lib/ext/sunec.jar
-
jres/lib/ext/sunjce_provider.jar
-
jres/lib/ext/sunmscapi.jar
-
jres/lib/ext/sunpkcs11.jar
-
jres/lib/ext/zipfs.jar
-
jres/lib/flavormap.properties
-
jres/lib/fontconfig.bfc
-
jres/lib/fontconfig.properties.src
-
jres/lib/fonts/LucidaBrightDemiBold.ttf
-
jres/lib/fonts/LucidaBrightDemiItalic.ttf
-
jres/lib/fonts/LucidaBrightItalic.ttf
-
jres/lib/fonts/LucidaBrightRegular.ttf
-
jres/lib/fonts/LucidaSansDemiBold.ttf
-
jres/lib/fonts/LucidaSansRegular.ttf
-
jres/lib/fonts/LucidaTypewriterBold.ttf
-
jres/lib/fonts/LucidaTypewriterRegular.ttf
-
jres/lib/hijrah-config-umalqura.properties
-
jres/lib/i386/jvm.cfg
-
jres/lib/images/cursors/cursors.properties
-
jres/lib/images/cursors/invalid32x32.gif
-
jres/lib/images/cursors/win32_CopyDrop32x32.gif
-
jres/lib/images/cursors/win32_CopyNoDrop32x32.gif
-
jres/lib/images/cursors/win32_LinkDrop32x32.gif
-
jres/lib/images/cursors/win32_LinkNoDrop32x32.gif
-
jres/lib/images/cursors/win32_MoveDrop32x32.gif
-
jres/lib/images/cursors/win32_MoveNoDrop32x32.gif
-
jres/lib/javafx.properties
-
jres/lib/javaws.jar
-
jres/lib/jce.jar
-
jres/lib/jfr.jar
-
jres/lib/jfr/default.jfc
-
jres/lib/jfr/profile.jfc
-
jres/lib/jfxswt.jar
-
jres/lib/jsse.jar
-
jres/lib/jvm.hprof.txt
-
jres/lib/logging.properties
-
jres/lib/management-agent.jar
-
jres/lib/management/jmxremote.access
-
jres/lib/management/jmxremote.password.template
-
jres/lib/management/management.properties
-
jres/lib/management/snmp.acl.template
-
jres/lib/meta-index
-
jres/lib/net.properties
-
jres/lib/plugin.jar
-
jres/lib/psfont.properties.ja
-
jres/lib/psfontj2d.properties
-
jres/lib/resources.jar
-
jres/lib/security/US_export_policy.jar
-
jres/lib/security/blacklist
-
jres/lib/security/blacklisted.certs
-
jres/lib/security/cacerts
-
jres/lib/security/java.policy
-
jres/lib/security/java.security
-
jres/lib/security/javaws.policy
-
jres/lib/security/local_policy.jar
-
jres/lib/sound.properties
-
jres/lib/tzdb.dat
-
jres/lib/tzmappings
-
jres/release
-
lib1/HikariCP-java6.jar
-
lib1/activation.jar
-
lib1/antlr4-runtime.jar
-
lib1/asm-all.jar
-
lib1/commons-email.jar
-
lib1/connector-api.jar
-
lib1/dn-compiled-module.jar
-
lib1/dn-php-sdk.jar
-
lib1/dyn4j.jar
-
lib1/gson.jar
-
lib1/jaybird-jdk18.jar
-
lib1/jfoenix.jar
-
lib1/jkeymaster.jar
-
lib1/jna.jar
-
lib1/jphp-app-framework.jar
-
lib1/jphp-core.jar
-
lib1/jphp-desktop-ext.jar
-
lib1/jphp-desktop-hotkey-ext.jar
-
lib1/jphp-game-ext.jar
-
lib1/jphp-gui-ext.jar
-
lib1/jphp-gui-jfoenix-ext.jar
-
lib1/jphp-json-ext.jar
-
lib1/jphp-jsoup-ext.jar
-
lib1/jphp-mail-ext.jar
-
lib1/jphp-runtime.jar
-
lib1/jphp-sql-ext.jar
-
lib1/jphp-systemtray-ext.jar
-
lib1/jphp-xml-ext.jar
-
lib1/jphp-zend-ext.jar
-
lib1/jphp-zip-ext.jar
-
lib1/jsoup.jar
-
lib1/mail.jar
-
lib1/mysql-connector-java.jar