General

  • Target

    240907-g6n7msyhkm_pw_infected.zip

  • Size

    681KB

  • MD5

    b1b5d5b687fd2f89ab5cad2bf1232df1

  • SHA1

    bf7c9f03eb708ed118f159ef9d82b5b6623647c3

  • SHA256

    6f586e3215282b7de949a7d49c9ab1378ca694c552ee5018737f3b4f89aea1df

  • SHA512

    30051b9cb1810659ee53beb38dfb46a6475b80e4a5c0c2214e3e926041e98d6e5e058a9278c1471e4c306afc150ef57cc32ce32505a34f7fdca22e4b20ef1c91

  • SSDEEP

    12288:rb5YjLn/4Da6o8SDzsoNe6ZkO4OOK+7XZbO7tUTAnirZi871DEHupyZ5W:R6n/GhSDzY6KJ/aSTAiZaupj

Score
3/10

Malware Config

Signatures

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 240907-g6n7msyhkm_pw_infected.zip
    .zip

    Password: infected

  • d146bd940d4661e74970d9c0885565e0_JaffaCakes118
    .rar

    Password: infected

  • cvery.comdel993453462352/About.dcu
  • cvery.comdel993453462352/About.dfm
  • cvery.comdel993453462352/About.pas
  • cvery.comdel993453462352/Client.dcu
  • cvery.comdel993453462352/Client.dfm
  • cvery.comdel993453462352/Client.pas
  • cvery.comdel993453462352/Connect.udl
  • cvery.comdel993453462352/Data.dcu
  • cvery.comdel993453462352/Data.dfm
  • cvery.comdel993453462352/Data.pas
  • cvery.comdel993453462352/Data/clients.mdb
  • cvery.comdel993453462352/Detail.dcu
  • cvery.comdel993453462352/Detail.dfm
  • cvery.comdel993453462352/Detail.pas
  • cvery.comdel993453462352/LX.dcu
  • cvery.comdel993453462352/LX.dfm
  • cvery.comdel993453462352/LX.pas
  • cvery.comdel993453462352/Main.dcu
  • cvery.comdel993453462352/Main.dfm
  • cvery.comdel993453462352/Main.pas
  • cvery.comdel993453462352/MiMa.dcu
  • cvery.comdel993453462352/MiMa.dfm
  • cvery.comdel993453462352/MiMa.pas
  • cvery.comdel993453462352/Pic/Thumbs.db
  • cvery.comdel993453462352/Pic/login.gif
    .gif
  • cvery.comdel993453462352/Pic/login.jpg
    .jpg

    Password: infected

  • cvery.comdel993453462352/Pic/sign.jpg
    .jpg

    Password: infected

  • cvery.comdel993453462352/Pic/sign1.ico
  • cvery.comdel993453462352/Rec.dcu
  • cvery.comdel993453462352/Rec.dfm
  • cvery.comdel993453462352/Rec.pas
  • cvery.comdel993453462352/Search.dcu
  • cvery.comdel993453462352/Search.dfm
  • cvery.comdel993453462352/Search.pas
  • cvery.comdel993453462352/System.ini
  • cvery.comdel993453462352/Unit1.dcu
  • cvery.comdel993453462352/clients.dpr
  • cvery.comdel993453462352/clients.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected


  • cvery.comdel993453462352/clients.res
  • cvery.comdel993453462352/deltemp.bat
  • cvery.comdel993453462352/login.dcu
  • cvery.comdel993453462352/login.dfm
  • cvery.comdel993453462352/login.pas
  • cvery.comdel993453462352/sourcecodechina.url
  • cvery.comdel993453462352/下载说明.htm
    .html .js polyglot