34f6bed2ec2c13a87de4d41ecbe835f4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

34f6bed2ec2c13a87de4d41ecbe835f4_JaffaCakes118
Size

2.1MB
MD5

34f6bed2ec2c13a87de4d41ecbe835f4
SHA1

ba4cf4a03f4cc4dc3113247947656ef0acaef27b
SHA256

263d94d764510a4f13ea8181d653c034c99b80ac2b1723005c0cf50d4121757f
SHA512

8dc6c8959dffc9762cdba19ab905ed06558716d444ab675f47ab0bf2a719b79a6652e476d8031c5a769fe27c8aad3a7bce535779e9b9873a1a74a4f62ff75f92
SSDEEP

49152:CRx6WNfGnge7zJi6uc+yMExuk/kNUTxqydg2iIq98SJ84Pe6CX6I:ixLfnIJi6uclZsk/kOxqydvhq98ITPBA

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comdel717534534623/Clock.exe
unpack001/cvery.comdel717534534623/QXGL.exe

Files

34f6bed2ec2c13a87de4d41ecbe835f4_JaffaCakes118
.rar
cvery.comdel717534534623/AES.dcu
cvery.comdel717534534623/AES.pas
cvery.comdel717534534623/About_Form.dcu
cvery.comdel717534534623/About_Form.ddp
cvery.comdel717534534623/About_Form.dfm
cvery.comdel717534534623/About_Form.pas
cvery.comdel717534534623/CZRZ_Form.dcu
cvery.comdel717534534623/CZRZ_Form.ddp
cvery.comdel717534534623/CZRZ_Form.dfm
cvery.comdel717534534623/CZRZ_Form.pas
cvery.comdel717534534623/Clock.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel717534534623/Data.mdb
cvery.comdel717534534623/ElAES.dcu
cvery.comdel717534534623/ElAES.pas
cvery.comdel717534534623/Enter_Form.dcu
cvery.comdel717534534623/Enter_Form.ddp
cvery.comdel717534534623/Enter_Form.dfm
cvery.comdel717534534623/Enter_Form.pas
cvery.comdel717534534623/Enter_Form1.dcu
cvery.comdel717534534623/Enter_Form1.ddp
cvery.comdel717534534623/Enter_Form1.dfm
cvery.comdel717534534623/Enter_Form1.pas
cvery.comdel717534534623/GNB_Form.dcu
cvery.comdel717534534623/GNB_Form.ddp
cvery.comdel717534534623/GNB_Form.dfm
cvery.comdel717534534623/GNB_Form.pas
cvery.comdel717534534623/GNGL.ddp
cvery.comdel717534534623/GNGL.dfm
cvery.comdel717534534623/GNGL.pas
cvery.comdel717534534623/GNGL_Form.dcu
cvery.comdel717534534623/GNGL_Form.ddp
cvery.comdel717534534623/GNGL_Form.dfm
cvery.comdel717534534623/GNGL_Form.pas
cvery.comdel717534534623/HTMLHELP_Decl.dcu
cvery.comdel717534534623/HTMLHELP_Decl.pas
cvery.comdel717534534623/Main_Form.dcu
cvery.comdel717534534623/Main_Form.ddp
cvery.comdel717534534623/Main_Form.dfm
cvery.comdel717534534623/Main_Form.pas
cvery.comdel717534534623/QHelp.chm
.chm
cvery.comdel717534534623/QXGL.cfg
cvery.comdel717534534623/QXGL.dof
cvery.comdel717534534623/QXGL.dpr
cvery.comdel717534534623/QXGL.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 680KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel717534534623/QXGL.res
cvery.comdel717534534623/QXGL_Form.dcu
cvery.comdel717534534623/QXGL_Form.ddp
cvery.comdel717534534623/QXGL_Form.dfm
cvery.comdel717534534623/QXGL_Form.pas
cvery.comdel717534534623/SCZRZ_Form.dcu
cvery.comdel717534534623/SCZRZ_Form.ddp
cvery.comdel717534534623/SCZRZ_Form.dfm
cvery.comdel717534534623/SCZRZ_Form.pas
cvery.comdel717534534623/YHZGL_Form.dcu
cvery.comdel717534534623/YHZGL_Form.ddp
cvery.comdel717534534623/YHZGL_Form.dfm
cvery.comdel717534534623/YHZGL_Form.pas
cvery.comdel717534534623/ZGNB_Form.dcu
cvery.comdel717534534623/ZGNB_Form.ddp
cvery.comdel717534534623/ZGNB_Form.dfm
cvery.comdel717534534623/ZGNB_Form.pas
cvery.comdel717534534623/readme.doc
.doc windows office2003
cvery.comdel717534534623/share.dcu
cvery.comdel717534534623/share.pas
cvery.comdel717534534623/下载说明.htm
.html .js polyglot
cvery.comdel717534534623/日志文件/2005-6-10-1-28-4.txt
cvery.comdel717534534623/日志文件/2005-6-17-23-49-56.txt
cvery.comdel717534534623/日志文件/2005-6-9-16-49-4.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 42KB - Virtual size: 42KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 4KB - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 28KB

Headers

File Characteristics

Sections

CODE Size: 1.1MB - Virtual size: 1.1MB

DATA Size: 15KB - Virtual size: 15KB

BSS Size: - Virtual size: 3KB

.idata Size: 10KB - Virtual size: 10KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 74KB - Virtual size: 74KB

.rsrc Size: 680KB - Virtual size: 680KB

CODE
Size: 42KB - Virtual size: 42KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 28KB

CODE
Size: 1.1MB - Virtual size: 1.1MB

DATA
Size: 15KB - Virtual size: 15KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 10KB - Virtual size: 10KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 74KB - Virtual size: 74KB

.rsrc
Size: 680KB - Virtual size: 680KB