14ef1b9563e0b7034b94ac7d45afb835_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14ef1b9563e0b7034b94ac7d45afb835_JaffaCakes118
Size

1.5MB
MD5

14ef1b9563e0b7034b94ac7d45afb835
SHA1

28fc22fa56901a194bbb074e3c3b187339b6fa64
SHA256

934f155c199df5b38ababf95decbe29bf93f2284c66dfe9ab3552e8dcaf02264
SHA512

b6a1211fc945be8fb684ffc693baf2cb731a898b3522cd4dde47c777f1e12bc4fc91545c85ff01e1f18d836d4fb7607ffeb073e6f01a560186764359a0934528
SSDEEP

49152:0tOZq4QAtrzFZnng8XdSkFS71iscGFsktcdW:0tsQ4fngIkV0UFic

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/cvery.com/crack/HueyController.exe	aspack_v212_v242
static1/unpack001/cvery.com/crack/HueyServ.exe	aspack_v212_v242

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.com/crack/HueyController.exe
unpack001/cvery.com/crack/HueyServ.exe
unpack001/cvery.com/hueyins.exe

Files

14ef1b9563e0b7034b94ac7d45afb835_JaffaCakes118
.rar
cvery.com/crack/HueyController.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 163KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.com/crack/HueyServ.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 184KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.com/hueyins.exe
.exe windows:4 windows x86 arch:x86

30a67874222a520b6a14dcb208a379e8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
GetDateFormatA
GetSystemDirectoryA
GetWindowsDirectoryA
GetCommandLineA
GetVersionExA
CreateMutexA
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcmpA
GetSystemTime
LocalFree
LocalAlloc
GetVersion
GetSystemInfo
GetComputerNameA
SetEndOfFile
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetExitCodeProcess
GetCPInfo
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
RtlUnwind
TerminateProcess
HeapAlloc
HeapFree
SetFileTime
GlobalMemoryStatus
GetShortPathNameA
CreateProcessA
SetErrorMode
WritePrivateProfileStringA
WritePrivateProfileSectionA
MoveFileExA
GetCurrentProcess
ExitProcess
WideCharToMultiByte
GetModuleFileNameA
RemoveDirectoryA
GetFileTime
VerLanguageNameA
CompareFileTime
CopyFileA
GetFileSize
GetLogicalDriveStringsA
FreeLibrary
GetCurrentDirectoryA
SetCurrentDirectoryA
MultiByteToWideChar
SetFileAttributesA
LCMapStringW
GetTempPathA
GetFileAttributesA
CreateDirectoryA
GetLocaleInfoA
FindFirstFileA
lstrcmpiA
FindNextFileA
FindClose
GetDriveTypeA
lstrcatA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetTickCount
Sleep
GetCurrentThread
QueryPerformanceFrequency
QueryPerformanceCounter
GetThreadPriority
SetThreadPriority
GlobalReAlloc
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
MulDiv
lstrlenA
GetLastError
FormatMessageA
WriteFile
ReadFile
lstrcpyA
SetFilePointer
CreateFileA
CloseHandle
GetACP
DeleteFileA

user32

FindWindowA
IsIconic
PostMessageA
RegisterClassA
GetClientRect
MsgWaitForMultipleObjects
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
ExitWindowsEx
WaitMessage
KillTimer
SetWindowPos
LoadBitmapA
GetDlgItemTextA
CreateDialogParamA
SetDlgItemTextA
SendDlgItemMessageA
GetSystemMetrics
RegisterClassExA
ChildWindowFromPoint
GetWindowLongA
IsDialogMessageA
GetDC
ReleaseDC
GetActiveWindow
MessageBoxA
CopyRect
FillRect
DrawEdge
EndDialog
DestroyWindow
DefWindowProcA
GetWindowRect
SetRectEmpty
GetDesktopWindow
EnumDisplaySettingsA
SetTimer
SystemParametersInfoA
SetForegroundWindow
DialogBoxParamA
EnableWindow
SetCursor
InvalidateRect
LoadIconA
LoadImageA
PostQuitMessage
SendMessageA
ScreenToClient
GetCursorPos
GetSysColor
GetWindowTextLengthA
GetWindowTextA
GetDlgItem
CreateWindowExA
SetWindowLongA
SetFocus
GetSystemMenu
DeleteMenu
AppendMenuA
ShowWindow
SetWindowTextA
LoadCursorA

gdi32

SaveDC
SetMapMode
SetViewportOrgEx
RestoreDC
StartDocA
TextOutA
SetBkMode
SelectObject
CreateFontA
GetDeviceCaps
BitBlt
DeleteDC
DeleteObject
CreateSolidBrush
GetStockObject
SetBkColor
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
GetTextExtentPoint32A
CreateBitmap
CreateDIBitmap
CreatePalette
AddFontResourceA
CreateScalableFontResourceA
RemoveFontResourceA
EndDoc
StartPage
EndPage

comdlg32

GetOpenFileNameA
PrintDlgA

advapi32

RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
OpenThreadToken
DuplicateToken
AllocateAndInitializeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
FreeSid
GetUserNameA
RegSetValueExA
RegCreateKeyExA
OpenProcessToken
RegQueryValueExA

shell32

SHFileOperationA
SHBrowseForFolderA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
SHChangeNotify

ole32

CoUninitialize
CoInitialize
OleUninitialize
CoCreateInstance
OleInitialize

oleaut32

RegisterTypeLi
LoadTypeLi

winmm

waveOutGetNumDevs
midiOutGetNumDevs
joyGetPos

comctl32

ord17
ImageList_Create
ImageList_Add

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.com/下载说明.htm
.html .js polyglot
cvery.com/非常世纪资源网.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 163KB - Virtual size: 412KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 32KB

.rsrc Size: 18KB - Virtual size: 116KB

.aspack Size: 15KB - Virtual size: 16KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 184KB - Virtual size: 460KB

DATA Size: 12KB - Virtual size: 20KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 32KB

.rsrc Size: 52KB - Virtual size: 176KB

.aspack Size: 7KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

30a67874222a520b6a14dcb208a379e8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

comctl32

version

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 12KB - Virtual size: 337KB

.rsrc Size: 4KB - Virtual size: 4KB

CODE
Size: 163KB - Virtual size: 412KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 32KB

.rsrc
Size: 18KB - Virtual size: 116KB

.aspack
Size: 15KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB

CODE
Size: 184KB - Virtual size: 460KB

DATA
Size: 12KB - Virtual size: 20KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 32KB

.rsrc
Size: 52KB - Virtual size: 176KB

.aspack
Size: 7KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 12KB - Virtual size: 337KB

.rsrc
Size: 4KB - Virtual size: 4KB