General

  • Target

    367f8f17ca1ca78dec101bb41f762abb_JaffaCakes118

  • Size

    514KB

  • MD5

    367f8f17ca1ca78dec101bb41f762abb

  • SHA1

    629fedc1b143ebcac0d2bab844cafa7abdd520f4

  • SHA256

    e7aa1bed9d02e224cef2358afa7de79401d0ec311c40205cfd95aa70e41df218

  • SHA512

    330328320dd1c8f20f9b3ddfe33400aa9a89e945e52ef0f0d9a1ef3fb33165b94084a411821a1b0819ba02691c516f922cd42ca81686d1a95f26e1be1992cd37

  • SSDEEP

    12288:tJIrDEV6ZnmOZWPUYGcgbJe49wPNu1suQf0+0InFqC/HpVvZ8xE:ovEoZmOYPU9RbJegEUZQf09IcmCxE

Score
3/10

Malware Config

Signatures

  • Unsigned PE (6 IoCs)

    Checks for missing Authenticode signature.

Files

  • 367f8f17ca1ca78dec101bb41f762abb_JaffaCakes118
    .rar
  • HSCAN/Readme.txt
  • HSCAN/conf/common.cgi
  • HSCAN/conf/ftp_pass.dic
  • HSCAN/conf/ftp_user.dic
  • HSCAN/conf/imap_pass.dic
  • HSCAN/conf/imap_user.dic
  • HSCAN/conf/ipc_pass.dic
  • HSCAN/conf/ipc_user.dic
  • HSCAN/conf/mssql_pass.dic
  • HSCAN/conf/mssql_user.dic
  • HSCAN/conf/mysql_pass.dic
  • HSCAN/conf/mysql_user.dic
  • HSCAN/conf/nt.cgi
  • HSCAN/conf/pop_pass.dic
  • HSCAN/conf/pop_user.dic
  • HSCAN/conf/rpc.lst
  • HSCAN/conf/telnet_pass.dic
  • HSCAN/conf/telnet_user.dic
  • HSCAN/conf/unix.cgi
  • HSCAN/hscanconf.ini
  • HSCAN/libmySQL.dll
    .dll windows:4 windows x86 arch:x86

    006c49710d9884ca7c15f8d95eeb51d4


  • HSCAN/oncrpc.dll
    .dll windows:1 windows x86 arch:x86

    2125b46849b9f195b9b037623de522f2


  • HSCAN/plugin/fpe2k.hsp
  • HSCAN/plugin/luenum.hsp
  • HSCAN/plugin/qpop.hsp
  • HSCAN/plugin/sunftp.hsp
  • HSCAN/tools/NTCmd.exe
    .exe windows:4 windows x86 arch:x86

    73767e539e9720aff83d4da1db391803


  • HSCAN/tools/Sqlcmd.exe
    .exe windows:4 windows x86 arch:x86

    794cb112594371ed14da81bc0592ca2a


  • HSCAN/tools/cygwinb19.dll
    .dll windows:4 windows x86 arch:x86

    0f068abeaa3b9ee1380205dbc1e98308


  • HSCAN/tools/mysql.exe
    .exe windows:4 windows x86 arch:x86

    eebae69bbcdbf0cf9d738e09705f99ee

