General

  • Target

    45088e041ff040ceacae4bfe41ee2e8f_JaffaCakes118

  • Size

    2.8MB

  • MD5

    45088e041ff040ceacae4bfe41ee2e8f

  • SHA1

    3c076e6b556df566a4389115b6a75c4cac49bc73

  • SHA256

    45cc6d2c70241d76da2a214b5dbaeb8e79f85c2ef791ae88e17cf6c8901f2a3f

  • SHA512

    c3867a1103d77822dea662a507839a3fb9cdfbec54aad825c152e0411c5ffe2a5682b83b23e4974101374bc9f219c2654d383e244a190dc614efe8ca1cc3040d

  • SSDEEP

    49152:cXM4KcegH3La9rQFX9ik3pTuo2BM4nRTcwaTtVKXd/zf58hyBJN2WbXLJxE:204Cr+buoaM41cXEdtSyBrTLw

Score
3/10

Signatures

  • Unsigned PE (8 IoCs)

    Checks for missing Authenticode signature.

Files

  • 45088e041ff040ceacae4bfe41ee2e8f_JaffaCakes118
    .rar
  • cvery.comdel06011434242343/About.dcu
  • cvery.comdel06011434242343/About.ddp
  • cvery.comdel06011434242343/About.dfm
  • cvery.comdel06011434242343/About.pas
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutBoxManagerIntf.dcu
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutBoxManagerIntf.pas
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutBoxManagerIntf.~pas
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.dcu
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.ddp
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.dfm
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.pas
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.~ddp
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.~dfm
  • cvery.comdel06011434242343/Com/AboutBoxManagerIntf/AboutDialogForNeotoma/About.~pas
  • cvery.comdel06011434242343/Com/SeekEngineIntf/DemogodyouStudio_Xiaolei_Neotoma.dll.1.0
    .dll regsvr32 windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Com/SeekEngineIntf/SeekEngine.dcu
  • cvery.comdel06011434242343/Com/SeekEngineIntf/SeekEngine.pas
  • cvery.comdel06011434242343/Com/SeekEngineIntf/SeekEngineIntf.dcu
  • cvery.comdel06011434242343/Com/SeekEngineIntf/SeekEngineIntf.pas
  • cvery.comdel06011434242343/Com/SeekEngineIntf/SeekEngineIntf.~pas
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.cfg
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.dll
    .dll regsvr32 windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.dof
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.dpr
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.res
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.tlb
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.~dpr
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma.~tlb
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma_TLB.dcu
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma_TLB.pas
  • cvery.comdel06011434242343/Com/SeekEngineIntf/Xiaolei_Neotoma_TLB.~pas
  • cvery.comdel06011434242343/Config/Bookmarks.ini
  • cvery.comdel06011434242343/Config/Emails.ini
  • cvery.comdel06011434242343/Config/Notice.ini
  • cvery.comdel06011434242343/Config/UIConfig.ini
  • cvery.comdel06011434242343/DM_NeotomaCall.dcu
  • cvery.comdel06011434242343/DM_NeotomaCall.dfm
  • cvery.comdel06011434242343/DM_NeotomaCall.pas
  • cvery.comdel06011434242343/DefaultKB.xml
    .xml
  • cvery.comdel06011434242343/Dlg_InputQuery.dcu
  • cvery.comdel06011434242343/Dlg_InputQuery.ddp
  • cvery.comdel06011434242343/Dlg_InputQuery.dfm
  • cvery.comdel06011434242343/Dlg_InputQuery.pas
  • cvery.comdel06011434242343/EMailSender/Config/Emails.ini
  • cvery.comdel06011434242343/EMailSender/EMailSender.cfg
  • cvery.comdel06011434242343/EMailSender/EMailSender.dof
  • cvery.comdel06011434242343/EMailSender/EMailSender.dpr
  • cvery.comdel06011434242343/EMailSender/EMailSender.res
  • cvery.comdel06011434242343/EMailSender/EMailSender.~dpr
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.dcu
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.ddp
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.dfm
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.pas
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.~ddp
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.~dfm
  • cvery.comdel06011434242343/EMailSender/Frm_EMailSender.~pas
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.dcu
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.ddp
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.dfm
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.pas
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.~ddp
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.~dfm
  • cvery.comdel06011434242343/EMailSender/Frm_NewEMailAddress.~pas
  • cvery.comdel06011434242343/EMailSender/Thread_EMailSender.dcu
  • cvery.comdel06011434242343/EMailSender/Thread_EMailSender.pas
  • cvery.comdel06011434242343/EMailSender/Thread_EMailSender.~pas
  • cvery.comdel06011434242343/Frame_SetUserInfo.dcu
  • cvery.comdel06011434242343/Frame_SetUserInfo.dfm
  • cvery.comdel06011434242343/Frame_SetUserInfo.pas
  • cvery.comdel06011434242343/Frm_AddAttribute.dcu
  • cvery.comdel06011434242343/Frm_AddAttribute.ddp
  • cvery.comdel06011434242343/Frm_AddAttribute.dfm
  • cvery.comdel06011434242343/Frm_AddAttribute.pas
  • cvery.comdel06011434242343/Frm_AttrManager.dcu
  • cvery.comdel06011434242343/Frm_AttrManager.ddp
  • cvery.comdel06011434242343/Frm_AttrManager.dfm
  • cvery.comdel06011434242343/Frm_AttrManager.pas
  • cvery.comdel06011434242343/Frm_AttributePage.dcu
  • cvery.comdel06011434242343/Frm_AttributePage.ddp
  • cvery.comdel06011434242343/Frm_AttributePage.dfm
  • cvery.comdel06011434242343/Frm_AttributePage.pas
  • cvery.comdel06011434242343/Frm_BuildNotice.dcu
  • cvery.comdel06011434242343/Frm_BuildNotice.ddp
  • cvery.comdel06011434242343/Frm_BuildNotice.dfm
  • cvery.comdel06011434242343/Frm_BuildNotice.pas
  • cvery.comdel06011434242343/Frm_Neotoma.dcu
  • cvery.comdel06011434242343/Frm_Neotoma.ddp
  • cvery.comdel06011434242343/Frm_Neotoma.dfm
  • cvery.comdel06011434242343/Frm_Neotoma.pas
  • cvery.comdel06011434242343/Frm_NeotomaCall.dcu
  • cvery.comdel06011434242343/Frm_NeotomaCall.ddp
  • cvery.comdel06011434242343/Frm_NeotomaCall.dfm
  • cvery.comdel06011434242343/Frm_NeotomaCall.pas
  • cvery.comdel06011434242343/Frm_SetUserInfo.dcu
  • cvery.comdel06011434242343/Frm_SetUserInfo.dfm
  • cvery.comdel06011434242343/Frm_SetUserInfo.pas
  • cvery.comdel06011434242343/Frm_SplashWindow.dcu
  • cvery.comdel06011434242343/Frm_SplashWindow.ddp
  • cvery.comdel06011434242343/Frm_SplashWindow.dfm
  • cvery.comdel06011434242343/Frm_SplashWindow.pas
  • cvery.comdel06011434242343/GlobalTypes.dcu
  • cvery.comdel06011434242343/GlobalTypes.pas
  • cvery.comdel06011434242343/InternetUtils.dcu
  • cvery.comdel06011434242343/InternetUtils.pas
  • cvery.comdel06011434242343/KBTree.dcu
  • cvery.comdel06011434242343/KBTree.pas
  • cvery.comdel06011434242343/MSNForm.dcu
  • cvery.comdel06011434242343/MSNForm.ddp
  • cvery.comdel06011434242343/MSNForm.dfm
  • cvery.comdel06011434242343/MSNForm.pas
  • cvery.comdel06011434242343/Neotoma.cfg
  • cvery.comdel06011434242343/Neotoma.dll
    .dll windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Neotoma.dof
  • cvery.comdel06011434242343/Neotoma.dpr
  • cvery.comdel06011434242343/Neotoma.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Neotoma.ico
  • cvery.comdel06011434242343/Neotoma.res
  • cvery.comdel06011434242343/NeotomaHelpCenter.chm
    .chm
  • cvery.comdel06011434242343/NeotomaMessage.dcu
  • cvery.comdel06011434242343/NeotomaMessage.pas
  • cvery.comdel06011434242343/Registor/Frm_Registor.dcu
  • cvery.comdel06011434242343/Registor/Frm_Registor.ddp
  • cvery.comdel06011434242343/Registor/Frm_Registor.dfm
  • cvery.comdel06011434242343/Registor/Frm_Registor.pas
  • cvery.comdel06011434242343/Registor/Neotoma.dll
    .dll windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Registor/Registor.cfg
  • cvery.comdel06011434242343/Registor/Registor.dof
  • cvery.comdel06011434242343/Registor/Registor.dpr
  • cvery.comdel06011434242343/Registor/Registor.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Registor/Registor.res
  • cvery.comdel06011434242343/RollInfoGetter.dcu
  • cvery.comdel06011434242343/RollInfoGetter.pas
  • cvery.comdel06011434242343/SN/SN.dcu
  • cvery.comdel06011434242343/SN/SN.pas
  • cvery.comdel06011434242343/SeekEngine.dcu
  • cvery.comdel06011434242343/SeekEngine.pas
  • cvery.comdel06011434242343/Seekor.dcu
  • cvery.comdel06011434242343/Seekor.pas
  • cvery.comdel06011434242343/Temp/NeotomaCall.txt
    .txt .rtf
  • cvery.comdel06011434242343/Temp/RichEditToImage.bmp
  • cvery.comdel06011434242343/Thread_KBTreeSeekor.dcu
  • cvery.comdel06011434242343/Thread_KBTreeSeekor.pas
  • cvery.comdel06011434242343/Tools/ChatRoom.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Tools/LOGO.exe
    .exe windows:4 windows x86 arch:x86


  • cvery.comdel06011434242343/Unit1.pas
  • cvery.comdel06011434242343/Utils.dcu
  • cvery.comdel06011434242343/Utils.pas
  • cvery.comdel06011434242343/Welcome to you.url
  • cvery.comdel06011434242343/Welcome.mht
    .eml
  • email-html-1.txt
    .html
  • cvery.comdel06011434242343/_Neotoma.exe.manifest
    .xml
  • cvery.comdel06011434242343/下载说明.htm
    .html .js polyglot
  • cvery.comdel06011434242343/说明.txt