d2d177e78948490217ea7ae9361d901c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d2d177e78948490217ea7ae9361d901c_JaffaCakes118
Size

555KB
MD5

d2d177e78948490217ea7ae9361d901c
SHA1

8c1ded31867e269521f1a4d16cbc49cbf06c2640
SHA256

bd829a2625a13f1002c873f97295511d9d498ab445146fe58674c605ef4a0632
SHA512

fa6b769c850f081ebb7eaba22b9b29d5295858f7818912e49b4f27b80ef7bc33c02965236184b0ad11876e1b09e5f32495647ed9e837f1ab828ad868c06904f4
SSDEEP

12288:WmwzwHlJ+ij7bjLn1RrMSL3BLXnawTsBtoz:2zwHqELn1tbnahEz

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comdel46799224455/Client/svchost.exe
unpack001/cvery.comdel46799224455/控制服务器/killserver.exe

Files

d2d177e78948490217ea7ae9361d901c_JaffaCakes118
.rar
cvery.comdel46799224455/Client/pas_Client.dcu
cvery.comdel46799224455/Client/pas_Client.ddp
cvery.comdel46799224455/Client/pas_Client.dfm
cvery.comdel46799224455/Client/pas_Client.pas
cvery.comdel46799224455/Client/svchost.cfg
cvery.comdel46799224455/Client/svchost.dof
cvery.comdel46799224455/Client/svchost.dpr
cvery.comdel46799224455/Client/svchost.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel46799224455/下载说明.htm
.html .js polyglot
cvery.comdel46799224455/控制服务器/Project1.cfg
cvery.comdel46799224455/控制服务器/Project1.dof
cvery.comdel46799224455/控制服务器/Project1.res
cvery.comdel46799224455/控制服务器/Unit1.dcu
cvery.comdel46799224455/控制服务器/Unit1.ddp
cvery.comdel46799224455/控制服务器/Unit1.dfm
cvery.comdel46799224455/控制服务器/Unit1.pas
cvery.comdel46799224455/控制服务器/desunit.dcu
cvery.comdel46799224455/控制服务器/desunit.pas
cvery.comdel46799224455/控制服务器/kill.txt
cvery.comdel46799224455/控制服务器/killserver.cfg
cvery.comdel46799224455/控制服务器/killserver.dof
cvery.comdel46799224455/控制服务器/killserver.dpr
cvery.comdel46799224455/控制服务器/killserver.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1010KB - Virtual size: 1009KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comdel46799224455/控制服务器/killserver.res

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 332KB - Virtual size: 332KB

DATA Size: 4KB - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 23KB - Virtual size: 22KB

.rsrc Size: 27KB - Virtual size: 27KB

Headers

File Characteristics

Sections

CODE Size: 1010KB - Virtual size: 1009KB

DATA Size: 9KB - Virtual size: 9KB

BSS Size: - Virtual size: 7KB

.idata Size: 11KB - Virtual size: 10KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 60KB - Virtual size: 59KB

.rsrc Size: 89KB - Virtual size: 89KB

CODE
Size: 332KB - Virtual size: 332KB

DATA
Size: 4KB - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 27KB - Virtual size: 27KB

CODE
Size: 1010KB - Virtual size: 1009KB

DATA
Size: 9KB - Virtual size: 9KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 11KB - Virtual size: 10KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 60KB - Virtual size: 59KB

.rsrc
Size: 89KB - Virtual size: 89KB