Overview

overview

7

Static

static

7

cvery.comd...er.exe

windows7-x64

3

cvery.comd...er.exe

windows10-2004-x64

3

cvery.comd...Vid.js

windows7-x64

3

cvery.comd...Vid.js

windows10-2004-x64

3

cvery.comd...nit.js

windows7-x64

3

cvery.comd...nit.js

windows10-2004-x64

3

cvery.comd...nit.js

windows7-x64

3

cvery.comd...nit.js

windows10-2004-x64

3

cvery.comd...lp.chm

windows7-x64

1

cvery.comd...lp.chm

windows10-2004-x64

1

cvery.comd...GB.exe

windows7-x64

3

cvery.comd...GB.exe

windows10-2004-x64

3

cvery.comd...ain.js

windows7-x64

3

cvery.comd...ain.js

windows10-2004-x64

3

cvery.comd...tor.js

windows7-x64

3

cvery.comd...tor.js

windows10-2004-x64

3

cvery.comd...ata.js

windows7-x64

3

cvery.comd...ata.js

windows10-2004-x64

3

cvery.comd...ers.js

windows7-x64

3

cvery.comd...ers.js

windows10-2004-x64

3

cvery.comd...con.js

windows7-x64

3

cvery.comd...con.js

windows10-2004-x64

3

cvery.comd...ing.js

windows7-x64

3

cvery.comd...ing.js

windows10-2004-x64

3

cvery.comd...ld.bat

windows7-x64

1

cvery.comd...ld.bat

windows10-2004-x64

1

cvery.comd...nit.js

windows7-x64

3

cvery.comd...nit.js

windows10-2004-x64

3

cvery.comd...ver.js

windows7-x64

3

cvery.comd...ver.js

windows10-2004-x64

3

cvery.comd...cEx.js

windows7-x64

3

cvery.comd...cEx.js

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    d1c71fb97b090c2d4d7cc409fc2f9c43_JaffaCakes118

  • Size

    1.6MB

  • MD5

    d1c71fb97b090c2d4d7cc409fc2f9c43

  • SHA1

    b9fb59d33f8d4c42dcc6d1a2a3b917524fcb4d43

  • SHA256

    031b9ad569fe2bd0c517190043310bc2cf576a2a7d09eb4889b50092eaab743a

  • SHA512

    d1cbf5fc2d82a3d24672ec722b8ba42bd63b5bf715e4314fa95ddf9fe5621f476028f330c14f142a0d73cf97120f85c47df98719573fbe8c2c38f8a0aa9f3ecf

  • SSDEEP

    24576:WuayldIQQQV8EOdYOfn5SkA0LWoK3i5aLakB8eSo+3kV71pSJacF+58x8h:WpyDNVJOCOfngkA0mS5c1BSo4kl1W/6

Score
7/10
aspackv2

Malware Config

Signatures

  • ASPack v2.12-2.42 1 IoCs

    Detects executables packed with ASPack v2.12-2.42

    aspackv2
  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • d1c71fb97b090c2d4d7cc409fc2f9c43_JaffaCakes118
    .rar
  • cvery.comdel4699244566/Client/APFUnit.pas
  • cvery.comdel4699244566/Client/AboutUnit.dfm
  • cvery.comdel4699244566/Client/AboutUnit.pas
  • cvery.comdel4699244566/Client/BASE64.pas
  • cvery.comdel4699244566/Client/BmpToAviUnit.dfm
  • cvery.comdel4699244566/Client/BmpToAviUnit.pas
  • cvery.comdel4699244566/Client/Cache/CServer.dat
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • cvery.comdel4699244566/Client/Cache/hmy.gif
    .gif
  • cvery.comdel4699244566/Client/Changyong.pas
  • cvery.comdel4699244566/Client/ConfigServerUnit.dfm
  • cvery.comdel4699244566/Client/ConfigServerUnit.pas
  • cvery.comdel4699244566/Client/DAT/hmy.gif
    .gif
  • cvery.comdel4699244566/Client/DAT/hmyIp.dat
  • cvery.comdel4699244566/Client/DESCrypt.pas
  • cvery.comdel4699244566/Client/DelphiVid.pas
    .js
  • cvery.comdel4699244566/Client/Dialog.dfm
  • cvery.comdel4699244566/Client/Dialog.pas
  • cvery.comdel4699244566/Client/DlgshowUnit.pas
    .js
  • cvery.comdel4699244566/Client/DownGifUnit.pas
  • cvery.comdel4699244566/Client/ExeToolUnit.dfm
  • cvery.comdel4699244566/Client/ExeToolUnit.pas
  • cvery.comdel4699244566/Client/FTPIp.dat
  • cvery.comdel4699244566/Client/FTPServerUnit.dfm
  • cvery.comdel4699244566/Client/FTPServerUnit.pas
    .js
  • cvery.comdel4699244566/Client/FTPThread.pas
  • cvery.comdel4699244566/Client/FindFileS.dfm
  • cvery.comdel4699244566/Client/FindFileS.pas
  • cvery.comdel4699244566/Client/FtpDownUnit.dfm
  • cvery.comdel4699244566/Client/FtpDownUnit.pas
  • cvery.comdel4699244566/Client/FtpUpUnit1.dfm
  • cvery.comdel4699244566/Client/FtpUpUnit1.pas
  • cvery.comdel4699244566/Client/H_Client.chs
  • cvery.comdel4699244566/Client/H_Client.cht
  • cvery.comdel4699244566/Client/H_Client.dpr
  • cvery.comdel4699244566/Client/H_Client.eng
  • cvery.comdel4699244566/Client/H_Client.res
  • cvery.comdel4699244566/Client/H_Client.upx
  • cvery.comdel4699244566/Client/Help.chm
    .chm
  • cvery.comdel4699244566/Client/INetUtil.pas
  • cvery.comdel4699244566/Client/LINE.BMP
  • cvery.comdel4699244566/Client/LOGIN.PAS
  • cvery.comdel4699244566/Client/LOGIN.dfm
  • cvery.comdel4699244566/Client/Langmgr/LangFrm.dcu
  • cvery.comdel4699244566/Client/Langmgr/LangFrm.pas
  • cvery.comdel4699244566/Client/Langmgr/LangMgr.dcu
  • cvery.comdel4699244566/Client/Langmgr/LangMgr.pas
  • cvery.comdel4699244566/Client/Langmgr/LangObj.dcu
  • cvery.comdel4699244566/Client/Langmgr/LangObj.pas
  • cvery.comdel4699244566/Client/Languages/Big5GB.exe
    .exe windows:1 windows x86 arch:x86


    Headers

    Sections

  • cvery.comdel4699244566/Client/Languages/H_Client.chs
  • cvery.comdel4699244566/Client/Languages/H_Client.cht
  • cvery.comdel4699244566/Client/Languages/H_Client.eng
  • cvery.comdel4699244566/Client/Languages/Languages.rar
    .rar
  • H_Client.chs
  • H_Client.cht
  • H_Client.eng
  • cvery.comdel4699244566/Client/Languages/Operate.ini
  • cvery.comdel4699244566/Client/Languages/dat/huigezi.gif
    .gif
  • cvery.comdel4699244566/Client/Lh5Unit.pas
  • cvery.comdel4699244566/Client/MSNPopUp.dcr
  • cvery.comdel4699244566/Client/MSNPopUp.pas
  • cvery.comdel4699244566/Client/MSNPopUp.rc
  • cvery.comdel4699244566/Client/MSNPopUp.res
  • cvery.comdel4699244566/Client/Main.dfm
  • cvery.comdel4699244566/Client/Main.pas
    .js
  • cvery.comdel4699244566/Client/MsgSimulator.pas
    .js
  • cvery.comdel4699244566/Client/My_StreamManage.pas
  • cvery.comdel4699244566/Client/NewxpSer.dfm
  • cvery.comdel4699244566/Client/NewxpSer.pas
  • cvery.comdel4699244566/Client/Operate.ini
  • cvery.comdel4699244566/Client/Project1.res
  • cvery.comdel4699244566/Client/RegEditUnit.dfm
  • cvery.comdel4699244566/Client/RegEditUnit.pas
  • cvery.comdel4699244566/Client/RegHexEdit.dfm
  • cvery.comdel4699244566/Client/RegHexEdit.pas
  • cvery.comdel4699244566/Client/SOUND/文件上传完毕.wav
  • cvery.comdel4699244566/Client/SOUND/文件下传完毕.wav
  • cvery.comdel4699244566/Client/SOUND/有主机上线请注意.wav
  • cvery.comdel4699244566/Client/SOUND/有主机下线请注意.wav
  • cvery.comdel4699244566/Client/SOUND/自动上线设置成功.wav
  • cvery.comdel4699244566/Client/ScanComputer.dfm
  • cvery.comdel4699244566/Client/Scanover.dfm
  • cvery.comdel4699244566/Client/Scanover.pas
  • cvery.comdel4699244566/Client/ShowPic.dfm
  • cvery.comdel4699244566/Client/ShowPic.pas
  • cvery.comdel4699244566/Client/SkinData.pas
    .js
  • cvery.comdel4699244566/Client/Splash.dfm
  • cvery.comdel4699244566/Client/Splash.pas
  • cvery.comdel4699244566/Client/SysInf.dfm
  • cvery.comdel4699244566/Client/SysInf.pas
  • cvery.comdel4699244566/Client/TVideoThreadUnit.pas
  • cvery.comdel4699244566/Client/UpIp.dfm
  • cvery.comdel4699244566/Client/UpIp.pas
  • cvery.comdel4699244566/Client/configfile.dfm
  • cvery.comdel4699244566/Client/configfile.pas
  • cvery.comdel4699244566/Client/headers.pas
    .js
  • cvery.comdel4699244566/Client/icotool/IconLibrary.dcu
  • cvery.comdel4699244566/Client/icotool/IconLibrary.pas
  • cvery.comdel4699244566/Client/icotool/IconTools.dcu
  • cvery.comdel4699244566/Client/icotool/IconTools.pas
  • cvery.comdel4699244566/Client/icotool/Icontypes.dcu
  • cvery.comdel4699244566/Client/icotool/Icontypes.pas
  • cvery.comdel4699244566/Client/icotool/unitExIcon.dcu
  • cvery.comdel4699244566/Client/icotool/unitExIcon.pas
    .js
  • cvery.comdel4699244566/Client/icotool/unitPEFile.dcu
  • cvery.comdel4699244566/Client/icotool/unitPEFile.pas
  • cvery.comdel4699244566/Client/icotool/unitResourceDetails.dcu
  • cvery.comdel4699244566/Client/icotool/unitResourceDetails.pas
  • cvery.comdel4699244566/Client/icotool/unitResourceGraphics.dcu
  • cvery.comdel4699244566/Client/icotool/unitResourceGraphics.pas
  • cvery.comdel4699244566/Client/mixing.pas
    .js
  • cvery.comdel4699244566/Client/soundConverter.pas
  • cvery.comdel4699244566/Client/soundOut.pas
  • cvery.comdel4699244566/Client/soundin.pas
  • cvery.comdel4699244566/Client/spUtils.pas
  • cvery.comdel4699244566/Server/BASE64.pas
  • cvery.comdel4699244566/Server/CleanerLogUnit.pas
  • cvery.comdel4699244566/Server/Clearold.bat
  • cvery.comdel4699244566/Server/DlgshowUnit.pas
    .js
  • cvery.comdel4699244566/Server/DownFileUnit.pas
  • cvery.comdel4699244566/Server/DownLoadFileUnit.pas
  • cvery.comdel4699244566/Server/FtpUnit.pas
  • cvery.comdel4699244566/Server/H_Server.dpr
  • cvery.comdel4699244566/Server/H_Server.res
  • cvery.comdel4699244566/Server/HttpProxy.pas
  • cvery.comdel4699244566/Server/MainServer.dfm
  • cvery.comdel4699244566/Server/MainServer.pas
    .js
  • cvery.comdel4699244566/Server/My_StreamManage.pas
  • cvery.comdel4699244566/Server/Socks5Proxy.pas
  • cvery.comdel4699244566/Server/TACMWaveInUnit.pas
  • cvery.comdel4699244566/Server/TACMWaveOutUnit.pas
  • cvery.comdel4699244566/Server/TScrControlUnit.pas
  • cvery.comdel4699244566/Server/TScreenCaptureUnit.pas
  • cvery.comdel4699244566/Server/TVideoThreadUnit.pas
  • cvery.comdel4699244566/Server/WinSvcEx.pas
    .js
  • cvery.comdel4699244566/Server/WinntService.pas
  • cvery.comdel4699244566/Server/headers.pas
    .js
  • cvery.comdel4699244566/Server/mixing.pas
    .js
  • cvery.comdel4699244566/Server/pluginplugin.dpr
  • cvery.comdel4699244566/Server/sharePsw.pas
  • cvery.comdel4699244566/Server/soundConverter.pas
  • cvery.comdel4699244566/Server/soundOut.pas
  • cvery.comdel4699244566/Server/soundin.pas
  • cvery.comdel4699244566/Server/untProxy.pas
  • cvery.comdel4699244566/Server/vfw.pas
    .js
  • cvery.comdel4699244566/下载说明.htm
    .html .js polyglot
  • cvery.comdel4699244566/说明.txt