a60fe33aa7174402b4b167b96151e37a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a60fe33aa7174402b4b167b96151e37a_JaffaCakes118
Size

1.3MB
MD5

a60fe33aa7174402b4b167b96151e37a
SHA1

3167792cd3144fe97709e6c3bff0f09a4639fce0
SHA256

067f11eba4f0095ea056ac158a73f006873f9f8b908984f60c18036d3bae2e67
SHA512

897c272964d024d83ee5b8dc861283e8f8bf949e3371987819829c7920b450328a740d4b578abe4867e1e633c1aa1fd2810dc04902afdf30cdfb7823bb379657
SSDEEP

24576:qc7YIHpGw8HTPtrAW2P7p+Xdvdc6urtljajL+ezC/6cFriPZGv2:H7mFrA/P7p+tdcTrtBeLnC/KZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/Big5GB.exe

Files

a60fe33aa7174402b4b167b96151e37a_JaffaCakes118
.rar
2005121611581996/2005121611581996/HgzVip1.2/Client/APFUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/AboutUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/AboutUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/BASE64.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/BmpToAviUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/BmpToAviUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/Cache/hmy.gif
.gif
2005121611581996/2005121611581996/HgzVip1.2/Client/Changyong.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/ConfigServerUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/ConfigServerUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/DAT/hmy.gif
.gif
2005121611581996/2005121611581996/HgzVip1.2/Client/DAT/hmyIp.dat
2005121611581996/2005121611581996/HgzVip1.2/Client/DESCrypt.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/DelphiVid.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/Dialog.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Dialog.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/DlgshowUnit.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/DownGifUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/ExeToolUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/ExeToolUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/FTPIp.dat
2005121611581996/2005121611581996/HgzVip1.2/Client/FTPServerUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/FTPServerUnit.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/FTPThread.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/FindFileS.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/FindFileS.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/FtpDownUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/FtpDownUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/FtpUpUnit1.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/FtpUpUnit1.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.chs
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.cht
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.dpr
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.eng
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.res
2005121611581996/2005121611581996/HgzVip1.2/Client/H_Client.upx
2005121611581996/2005121611581996/HgzVip1.2/Client/Help.chm
.chm
2005121611581996/2005121611581996/HgzVip1.2/Client/INetUtil.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/LINE.BMP
2005121611581996/2005121611581996/HgzVip1.2/Client/LOGIN.PAS
2005121611581996/2005121611581996/HgzVip1.2/Client/LOGIN.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangFrm.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangFrm.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangMgr.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangMgr.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangObj.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/Langmgr/LangObj.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/Big5GB.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 100KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/H_Client.chs
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/H_Client.cht
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/H_Client.eng
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/Languages.rar
.rar
H_Client.chs
H_Client.cht
H_Client.eng
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/Operate.ini
2005121611581996/2005121611581996/HgzVip1.2/Client/Languages/dat/huigezi.gif
.gif
2005121611581996/2005121611581996/HgzVip1.2/Client/Lh5Unit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/MSNPopUp.dcr
2005121611581996/2005121611581996/HgzVip1.2/Client/MSNPopUp.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/MSNPopUp.rc
2005121611581996/2005121611581996/HgzVip1.2/Client/MSNPopUp.res
2005121611581996/2005121611581996/HgzVip1.2/Client/Main.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Main.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/MsgSimulator.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/My_StreamManage.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/NewxpSer.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/NewxpSer.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/Operate.ini
2005121611581996/2005121611581996/HgzVip1.2/Client/Project1.res
2005121611581996/2005121611581996/HgzVip1.2/Client/RegEditUnit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/RegEditUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/RegHexEdit.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/RegHexEdit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/SOUND/文件上传完毕.wav
2005121611581996/2005121611581996/HgzVip1.2/Client/SOUND/文件下传完毕.wav
2005121611581996/2005121611581996/HgzVip1.2/Client/SOUND/有主机上线请注意.wav
2005121611581996/2005121611581996/HgzVip1.2/Client/SOUND/有主机下线请注意.wav
2005121611581996/2005121611581996/HgzVip1.2/Client/SOUND/自动上线设置成功.wav
2005121611581996/2005121611581996/HgzVip1.2/Client/ScanComputer.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Scanover.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Scanover.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/ShowPic.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/ShowPic.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/SkinData.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/Splash.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/Splash.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/SysInf.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/SysInf.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/TVideoThreadUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/UpIp.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/UpIp.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/configfile.dfm
2005121611581996/2005121611581996/HgzVip1.2/Client/configfile.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/headers.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/IconLibrary.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/IconLibrary.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/IconTools.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/IconTools.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/Icontypes.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/Icontypes.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitExIcon.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitExIcon.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitPEFile.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitPEFile.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitResourceDetails.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitResourceDetails.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitResourceGraphics.dcu
2005121611581996/2005121611581996/HgzVip1.2/Client/icotool/unitResourceGraphics.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/mixing.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Client/soundConverter.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/soundOut.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/soundin.pas
2005121611581996/2005121611581996/HgzVip1.2/Client/spUtils.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/BASE64.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/CleanerLogUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/Clearold.bat
2005121611581996/2005121611581996/HgzVip1.2/Server/DlgshowUnit.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Server/DownFileUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/DownLoadFileUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/FtpUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/H_Server.dpr
2005121611581996/2005121611581996/HgzVip1.2/Server/H_Server.res
2005121611581996/2005121611581996/HgzVip1.2/Server/HttpProxy.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/MainServer.dfm
2005121611581996/2005121611581996/HgzVip1.2/Server/MainServer.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Server/My_StreamManage.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/Socks5Proxy.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/TACMWaveInUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/TACMWaveOutUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/TScrControlUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/TScreenCaptureUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/TVideoThreadUnit.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/WinSvcEx.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Server/WinntService.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/headers.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Server/mixing.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/Server/pluginplugin.dpr
2005121611581996/2005121611581996/HgzVip1.2/Server/sharePsw.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/soundConverter.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/soundOut.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/soundin.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/untProxy.pas
2005121611581996/2005121611581996/HgzVip1.2/Server/vfw.pas
.js
2005121611581996/2005121611581996/HgzVip1.2/说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 100KB - Virtual size: 220KB

DATA Size: 1024B - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 8KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 16KB

.rsrc Size: 44KB - Virtual size: 128KB

.data Size: 4KB - Virtual size: 4KB

CODE
Size: 100KB - Virtual size: 220KB

DATA
Size: 1024B - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 8KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 16KB

.rsrc
Size: 44KB - Virtual size: 128KB

.data
Size: 4KB - Virtual size: 4KB