General

  • Target

    0681303f5b6f16f02fcd0b911d1a9de4_JaffaCakes118

  • Size

    211KB

  • MD5

    0681303f5b6f16f02fcd0b911d1a9de4

  • SHA1

    18c6cc851821cee4f6586449f88ea9c44eea254c

  • SHA256

    72fc2c6ae62ffc04c77e7d9da91aa63e240aa3e8285c4c19a956f03efcbed2a1

  • SHA512

    9aa8d73ef8c0b57814bf55bb976c08ec1171e3b1b614a8f6423f620c646f02d471eb3ce9305060d07a9f8c1e83daec9653957e1dbf4f9f8da0055cb1dbbed2b8

  • SSDEEP

    3072:KOBFubcvFi8zF1piOfK1Ma0Euykp0qPsJigb/crXr+VDt3McDGwgMTKl9g5LqkJX:/FBiW8aakyRXb67QRMi3Q9sJYDAp7

Score
7/10

Malware Config

Signatures

  • ASPack v2.12-2.42 2 IoCs

    Detects executables packed with ASPack v2.12-2.42

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • 0681303f5b6f16f02fcd0b911d1a9de4_JaffaCakes118
    .rar
  • cvery.com/CleanCode.bat
  • cvery.com/GlobalPara.pas
  • cvery.com/Project1.dpr
  • cvery.com/Project1.drc
  • cvery.com/Project1.elf
  • cvery.com/Project1.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.com/Project1.res
  • cvery.com/RoutingThrd.pas
  • cvery.com/RunDosThrd.pas
  • cvery.com/Unit1.dfm
  • cvery.com/Unit1.pas
  • cvery.com/spawn.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.com/下载说明.htm
    .html .js polyglot