Static task
static1
Behavioral task
behavioral1
Sample
三国注册网站修改版带教程/Aws.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
三国注册网站修改版带教程/Aws.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
三国注册网站修改版带教程/CheckCode.vbs
Resource
win7-20241010-en
Behavioral task
behavioral4
Sample
三国注册网站修改版带教程/CheckCode.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
三国注册网站修改版带教程/Images/objectSwap.js
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
三国注册网站修改版带教程/Images/objectSwap.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
三国注册网站修改版带教程/Images/tab.js
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
三国注册网站修改版带教程/Images/tab.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
三国注册网站修改版带教程/config.asp
Resource
win7-20240903-en
Behavioral task
behavioral10
Sample
三国注册网站修改版带教程/config.asp
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
三国注册网站修改版带教程/conn1.vbs
Resource
win7-20240903-en
Behavioral task
behavioral12
Sample
三国注册网站修改版带教程/conn1.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
三国注册网站修改版带教程/end.asp
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
三国注册网站修改版带教程/end.asp
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
三国注册网站修改版带教程/head.asp
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
三国注册网站修改版带教程/head.asp
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
三国注册网站修改版带教程/inc.vbs
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
三国注册网站修改版带教程/inc.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
三国注册网站修改版带教程/index.asp
Resource
win7-20240903-en
Behavioral task
behavioral20
Sample
三国注册网站修改版带教程/index.asp
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
三国注册网站修改版带教程/md5.vbs
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
三国注册网站修改版带教程/md5.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
三国注册网站修改版带教程/msg.vbs
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
三国注册网站修改版带教程/msg.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
三国注册网站修改版带教程/nopass.vbs
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
三国注册网站修改版带教程/nopass.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
三国注册网站修改版带教程/reg.vbs
Resource
win7-20241010-en
Behavioral task
behavioral28
Sample
三国注册网站修改版带教程/reg.vbs
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
三国注册网站修改版带教程/传奇私服,传奇外传,无忧传奇私服-新开传奇外传.url
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
三国注册网站修改版带教程/传奇私服,传奇外传,无忧传奇私服-新开传奇外传.url
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
三国注册网站修改版带教程/全国网游站长交流QQ群开通页面--加强互动沟通 无忧网游资源站.url
Resource
win7-20240729-en
Behavioral task
behavioral32
Sample
三国注册网站修改版带教程/全国网游站长交流QQ群开通页面--加强互动沟通 无忧网游资源站.url
Resource
win10v2004-20241007-en
General
-
Target
5021940f2b2512b21c6bb75840c3aeb7_JaffaCakes118
-
Size
1006KB
-
MD5
5021940f2b2512b21c6bb75840c3aeb7
-
SHA1
723c7f4b7411016f0ef10b54769c746a97e96718
-
SHA256
a23129d44d76c4fd6db18d478058ce9466a56af78bb84fb5bcbff4be6e1ba161
-
SHA512
3e4372af1e4913b95e8dc115c279d6c3f888f3b9f4808ff5a3718847bb1898b3713a4c2101fd73178ecfe888549f01c4485b1c8e40dbb65f972d8d88ae572c6f
-
SSDEEP
24576:XfJ9MSMiVApT3uj38MnmH3NfHOjmUkUKYZk:X5Vq7A37nmXhuyck
Malware Config
Signatures
-
Unsigned PE (2 IoCs)
Checks for missing Authenticode signature.
resource unpack001/三国注册网站修改版带教程/Aws.exe
resource unpack001/三国注册网站修改版带教程/点击安装教程.txt
Files
-
5021940f2b2512b21c6bb75840c3aeb7_JaffaCakes118.rar
-
三国注册网站修改版带教程/Aws.exe.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
Size: 457KB - Virtual size: 988KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 262KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.spack Size: 1023B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
三国注册网站修改版带教程/CheckCode.asp.vbs
-
三国注册网站修改版带教程/Images/1.gif.gif
-
三国注册网站修改版带教程/Images/Head.Fix
-
三国注册网站修改版带教程/Images/Thumbs.db
-
三国注册网站修改版带教程/Images/admin.css
-
三国注册网站修改版带教程/Images/back.gif.gif
-
三国注册网站修改版带教程/Images/bj2.gif.gif
-
三国注册网站修改版带教程/Images/body.Fix
-
三国注册网站修改版带教程/Images/body1.fix
-
三国注册网站修改版带教程/Images/body10.fix
-
三国注册网站修改版带教程/Images/body11.fix
-
三国注册网站修改版带教程/Images/body12.fix
-
三国注册网站修改版带教程/Images/body13.fix
-
三国注册网站修改版带教程/Images/body14.fix
-
三国注册网站修改版带教程/Images/body15.fix
-
三国注册网站修改版带教程/Images/body16.fix
-
三国注册网站修改版带教程/Images/body17.fix
-
三国注册网站修改版带教程/Images/body18.fix
-
三国注册网站修改版带教程/Images/body2.fix
-
三国注册网站修改版带教程/Images/body3.fix
-
三国注册网站修改版带教程/Images/body4.fix
-
三国注册网站修改版带教程/Images/body5.fix
-
三国注册网站修改版带教程/Images/body6.fix
-
三国注册网站修改版带教程/Images/body7.fix
-
三国注册网站修改版带教程/Images/body8.fix
-
三国注册网站修改版带教程/Images/body9.fix
-
三国注册网站修改版带教程/Images/bottom_38.gif.gif
-
三国注册网站修改版带教程/Images/bt.gif.gif
-
三国注册网站修改版带教程/Images/com_m_64.gif.gif
-
三国注册网站修改版带教程/Images/css.css
-
三国注册网站修改版带教程/Images/dots.gif.gif
-
三国注册网站修改版带教程/Images/error.gif.gif
-
三国注册网站修改版带教程/Images/glbl_bullet.gif.gif
-
三国注册网站修改版带教程/Images/index.css
-
三国注册网站修改版带教程/Images/index_hz01.gif.gif
-
三国注册网站修改版带教程/Images/index_hz02.gif.gif
-
三国注册网站修改版带教程/Images/index_hz03.gif.gif
-
三国注册网站修改版带教程/Images/index_hz04.gif.gif
-
三国注册网站修改版带教程/Images/index_hz05.gif.gif
-
三国注册网站修改版带教程/Images/indexbg.gif.gif
-
三国注册网站修改版带教程/Images/inf.gif.gif
-
三国注册网站修改版带教程/Images/left_2.gif.gif
-
三国注册网站修改版带教程/Images/main.css
-
三国注册网站修改版带教程/Images/objectSwap.js.js
-
三国注册网站修改版带教程/Images/pages.css
-
三国注册网站修改版带教程/Images/right2_03.jpg.jpg
-
三国注册网站修改版带教程/Images/right2b_02.jpg.jpg
-
三国注册网站修改版带教程/Images/shadow_108.gif.gif
-
三国注册网站修改版带教程/Images/shadow_109.gif.gif
-
三国注册网站修改版带教程/Images/shadow_98.gif.gif
-
三国注册网站修改版带教程/Images/style.css
-
三国注册网站修改版带教程/Images/style333.css
-
三国注册网站修改版带教程/Images/suc.gif.gif
-
三国注册网站修改版带教程/Images/tab.js.js
-
三国注册网站修改版带教程/Readme.txt
-
三国注册网站修改版带教程/config.asp
-
三国注册网站修改版带教程/conn1.asp.vbs
-
三国注册网站修改版带教程/end.asp
-
三国注册网站修改版带教程/head.asp
-
三国注册网站修改版带教程/inc.asp.vbs
-
三国注册网站修改版带教程/index.ASP
-
三国注册网站修改版带教程/md5.asp.vbs
-
三国注册网站修改版带教程/msg.asp.vbs
-
三国注册网站修改版带教程/nopass.asp.vbs
-
三国注册网站修改版带教程/reg.asp.vbs
-
三国注册网站修改版带教程/传奇私服,传奇外传,无忧传奇私服-新开传奇外传私服,传奇私服发布.url.url
-
三国注册网站修改版带教程/全国网游站长交流QQ群开通页面--加强互动沟通 无忧网游资源站.url.url
-
三国注册网站修改版带教程/无忧私服技术共享区.url.url
-
三国注册网站修改版带教程/无忧网络网游技术资源网-前程无忧.url.url
-
三国注册网站修改版带教程/点击安装教程.txt.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 98KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 10KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 12B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
三国注册网站修改版带教程/私服站长免费广告,网址大全,链接,私服免费开区广告.url.url
-
三国注册网站修改版带教程/绿化注册.reg