aa52b5cf33748b2be038553808ea3481_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aa52b5cf33748b2be038553808ea3481_JaffaCakes118
Size

257KB
MD5

aa52b5cf33748b2be038553808ea3481
SHA1

0a0033536559d83edcb49d4081db1c53001cfc7c
SHA256

a597223a8c70c841f2fdd32c2d8aeabf7c92d102d39bf0c684dc45816bbb7bd9
SHA512

dacddfae70e51d993332aa192fbcc5b369c6502bf86c235c6e3ff32daac65b2c3d45527d8f1636b5309efb026baeedb4b0fd07ee2cd6a81fbf74cc675e173dd5
SSDEEP

6144:JHKKyvmSb2b9LxI3xsyTwoc4dOqtEaFUBHIcuYhR2Ybu:JHkvmWYwxGoS5dvo

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comdel71754353456255/Project1.exe
unpack001/cvery.comdel71754353456255/qqhook.dll

Files

aa52b5cf33748b2be038553808ea3481_JaffaCakes118
.rar
cvery.comdel71754353456255/HookType.dcu
cvery.comdel71754353456255/HookType.pas
cvery.comdel71754353456255/Project1.cfg
cvery.comdel71754353456255/Project1.dof
cvery.comdel71754353456255/Project1.dpr
cvery.comdel71754353456255/Project1.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 329KB - Virtual size: 328KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel71754353456255/Project1.res
cvery.comdel71754353456255/Unit1.dcu
cvery.comdel71754353456255/Unit1.ddp
cvery.comdel71754353456255/Unit1.dfm
cvery.comdel71754353456255/Unit1.pas
cvery.comdel71754353456255/qqhook.cfg
cvery.comdel71754353456255/qqhook.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InstallHook

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel71754353456255/qqhook.dof
cvery.comdel71754353456255/qqhook.dpr
cvery.comdel71754353456255/下载说明.htm
.html .js polyglot
cvery.comdel71754353456255/帮助说明.chm
.chm

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 329KB - Virtual size: 328KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 2KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 23KB - Virtual size: 23KB

.rsrc Size: 21KB - Virtual size: 21KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 10KB - Virtual size: 10KB

DATA Size: 512B - Virtual size: 176B

BSS Size: - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 73B

.reloc Size: 1024B - Virtual size: 888B

.rsrc Size: 512B - Virtual size: 512B

CODE
Size: 329KB - Virtual size: 328KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 23KB - Virtual size: 23KB

.rsrc
Size: 21KB - Virtual size: 21KB

CODE
Size: 10KB - Virtual size: 10KB

DATA
Size: 512B - Virtual size: 176B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 73B

.reloc
Size: 1024B - Virtual size: 888B

.rsrc
Size: 512B - Virtual size: 512B