3dacb866554ea81ba8df2af4cde8403b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3dacb866554ea81ba8df2af4cde8403b_JaffaCakes118
Size

430KB
MD5

3dacb866554ea81ba8df2af4cde8403b
SHA1

2f83a7766d9c5a59dc99c3bfdc7ccf057b9eb604
SHA256

76acdced0fa1907e87bc322e0b984684389ff77232d12d4f7e5c463c38e97003
SHA512

86ce926b826eda6469b035a690782aa9424c726c7f4831df84897a0e803a1e9c1dc926af0f90accf547b51d6fea7e2b020b1bc93519a24ba471f679a477212bc
SSDEEP

12288:CfDvdJJCBPE7/j4hN8ObvFgiR9MlpCMFKucn:u1TCSqbvFRMTVKuw

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comdel49903244/tQClient/tQClientProject.exe
unpack001/cvery.comdel49903244/tQServer/ServerProject.exe

Files

3dacb866554ea81ba8df2af4cde8403b_JaffaCakes118
.rar
cvery.comdel49903244/Common/testQQCommon.dcu
cvery.comdel49903244/Common/testQQCommon.pas
cvery.comdel49903244/Common/testQQCommon.~pas
cvery.comdel49903244/tQClient/AboutUnit.dcu
cvery.comdel49903244/tQClient/AboutUnit.ddp
cvery.comdel49903244/tQClient/AboutUnit.dfm
cvery.comdel49903244/tQClient/AboutUnit.pas
cvery.comdel49903244/tQClient/AboutUnit.~ddp
cvery.comdel49903244/tQClient/AboutUnit.~dfm
cvery.comdel49903244/tQClient/AboutUnit.~pas
cvery.comdel49903244/tQClient/MainUnit.dcu
cvery.comdel49903244/tQClient/MainUnit.ddp
cvery.comdel49903244/tQClient/MainUnit.dfm
cvery.comdel49903244/tQClient/MainUnit.pas
.js
cvery.comdel49903244/tQClient/MainUnit.~ddp
cvery.comdel49903244/tQClient/MainUnit.~dfm
cvery.comdel49903244/tQClient/MainUnit.~pas
.js
cvery.comdel49903244/tQClient/tQClientProject.cfg
cvery.comdel49903244/tQClient/tQClientProject.dof
cvery.comdel49903244/tQClient/tQClientProject.dpr
cvery.comdel49903244/tQClient/tQClientProject.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel49903244/tQClient/tQClientProject.res
cvery.comdel49903244/tQClient/tQClientProject.~dpr
cvery.comdel49903244/tQServer/MainUnit.dcu
cvery.comdel49903244/tQServer/MainUnit.ddp
cvery.comdel49903244/tQServer/MainUnit.dfm
cvery.comdel49903244/tQServer/MainUnit.pas
.js
cvery.comdel49903244/tQServer/MainUnit.~ddp
cvery.comdel49903244/tQServer/MainUnit.~dfm
cvery.comdel49903244/tQServer/MainUnit.~pas
.js
cvery.comdel49903244/tQServer/ServerProject.cfg
cvery.comdel49903244/tQServer/ServerProject.dof
cvery.comdel49903244/tQServer/ServerProject.dpr
cvery.comdel49903244/tQServer/ServerProject.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel49903244/tQServer/ServerProject.res
cvery.comdel49903244/tQServer/ServerProject.~dpr
cvery.comdel49903244/tQServer/testQQCommon.dcu
cvery.comdel49903244/tQServer/testQQCommon.~pas
cvery.comdel49903244/thanksharp_tQPic.JPG
.jpg
cvery.comdel49903244/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 598KB - Virtual size: 598KB

DATA Size: 8KB - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 42KB - Virtual size: 41KB

.rsrc Size: 56KB - Virtual size: 56KB

Headers

File Characteristics

Sections

CODE Size: 345KB - Virtual size: 344KB

DATA Size: 6KB - Virtual size: 6KB

BSS Size: - Virtual size: 3KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 26KB - Virtual size: 26KB

.rsrc Size: 25KB - Virtual size: 25KB

CODE
Size: 598KB - Virtual size: 598KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 56KB - Virtual size: 56KB

CODE
Size: 345KB - Virtual size: 344KB

DATA
Size: 6KB - Virtual size: 6KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 26KB - Virtual size: 26KB

.rsrc
Size: 25KB - Virtual size: 25KB