Overview

overview

7

Static

static

3

224825411/...ni.exe

windows7-x64

1

224825411/...ni.exe

windows10-2004-x64

1

224825411/bin/pos.exe

windows7-x64

1

224825411/bin/pos.exe

windows10-2004-x64

1

224825411/...mo.exe

windows7-x64

1

224825411/...mo.exe

windows10-2004-x64

1

224825411/...IN.dll

windows7-x64

3

224825411/...IN.dll

windows10-2004-x64

3

224825411/myrfs.exe

windows7-x64

7

224825411/myrfs.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f78f339c2af4654658d993b2b1a5cccb_JaffaCakes118

  • Size

    4.6MB

  • MD5

    f78f339c2af4654658d993b2b1a5cccb

  • SHA1

    b8715852fed7ea0d51c2fe9a9181c225004402e6

  • SHA256

    c26a2885a4fd2931cd9dc5d2a1bf834bc588d4d6d6236e90c868845f4f7d29de

  • SHA512

    aa23918c057ff2a92f31a65c235780162fb9726b229e0885a6bad127775448eb4dfe252cb7adcf47bfd4a32598527156407000a807de4775b489906c1703fe01

  • SSDEEP

    98304:PmXeJx7x2fz0MFaYgWnoUoMQyfC0O9A2R6ASUixQe0NO:OXeJib0MymlQA34PRl0xx

Score
3/10

Malware Config

Signatures

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

Files

  • f78f339c2af4654658d993b2b1a5cccb_JaffaCakes118
    .rar
  • 224825411/bin/data.ini
  • 224825411/bin/databaseini.cfg
  • 224825411/bin/databaseini.dof
  • 224825411/bin/databaseini.dpr
  • 224825411/bin/databaseini.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 224825411/bin/databaseini.res
  • 224825411/bin/dayout.txt
  • 224825411/bin/dcout.txt
  • 224825411/bin/dispaly.ini
  • 224825411/bin/drout.txt
  • 224825411/bin/hyxfqk.txt
  • 224825411/bin/kc.txt
  • 224825411/bin/monthout.txt
  • 224825411/bin/movein.txt
  • 224825411/bin/moveout.txt
  • 224825411/bin/output.txt
  • 224825411/bin/pos.cfg
  • 224825411/bin/pos.dof
  • 224825411/bin/pos.dpr
  • 224825411/bin/pos.exe
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections

  • 224825411/bin/pos.res
  • 224825411/bin/pos_Data.MDF
  • 224825411/bin/pos_Log.LDF
  • 224825411/bin/print.ini
  • 224825411/bin/sell.ini
  • 224825411/bin/windows/LK602DEMO.INI
  • 224825411/bin/windows/LK602Demo.exe
    .exe windows:4 windows x86 arch:x86

    621e04c8b98c630e95e54b103b0221f0


    Headers

    Imports

    Sections

  • 224825411/bin/windows/Lk60xWIN.c
  • 224825411/bin/windows/Lk60xWIN.dll
    .dll windows:4 windows x86 arch:x86


    Headers

    Exports

    Sections

  • 224825411/bin/windows/Lk60xWIN.txt
  • 224825411/bin/windows/card.dat
  • 224825411/bin/windows/test.TXT
  • 224825411/image/cx.ico
  • 224825411/image/cxdy.ico
  • 224825411/image/db.ico
  • 224825411/image/fx.ico
  • 224825411/image/gb.ico
  • 224825411/image/login.BMP
  • 224825411/image/qd.bmp
  • 224825411/image/sjwh.ico
  • 224825411/image/stsz.ico
  • 224825411/image/sz.ico
  • 224825411/image/tc.ico
  • 224825411/image/title.ICO
  • 224825411/image/top.bmp
  • 224825411/image/xsfx.ico
  • 224825411/image/保存.bmp
  • 224825411/image/删除.bmp
  • 224825411/image/取消.bmp
  • 224825411/image/打印.bmp
  • 224825411/image/搜索.bmp
  • 224825411/image/离开.bmp
  • 224825411/myrfs.EXE
    .exe windows:4 windows x86 arch:x86

    e41c25ab7824b3df73334188c40518ae


    Headers

    Imports

    Exports

    Sections

  • 224825411/source/AdvGrid.dcu
  • 224825411/source/AdvObj.dcu
  • 224825411/source/AdvUtil.dcu
  • 224825411/source/AdvXPVS.dcu
  • 224825411/source/AsgCheck.dcu
  • 224825411/source/AsgCombo.dcu
  • 224825411/source/AsgDD.dcu
  • 224825411/source/AsgEdit.dcu
  • 224825411/source/AsgHTMLE.dcu
  • 224825411/source/AsgSpin.dcu
  • 224825411/source/AsgUni.dcu
  • 224825411/source/BaseGrid.dcu
  • 224825411/source/CalculatorEh.dcu
  • 224825411/source/DBGridEh.dcu
  • 224825411/source/DBGridEhImpExp.dcu
  • 224825411/source/DBLookupGridsEh.dcu
  • 224825411/source/DBSumLst.dcu
  • 224825411/source/DbUtilsEh.dcu
  • 224825411/source/EhLibConsts.dcu
  • 224825411/source/PictureContainer.dcu
  • 224825411/source/PrViewEh.dcu
  • 224825411/source/PrnDGDlg.dcu
  • 224825411/source/PrnDbgeh.dcu
  • 224825411/source/PrntsEh.dcu
  • 224825411/source/PropFilerEh.dcu
  • 224825411/source/PrvFrmEh.dcu
  • 224825411/source/ToolCtrlsEh.dcu
  • 224825411/source/changeunt.dcu
  • 224825411/source/changeunt.ddp
  • 224825411/source/changeunt.dfm
  • 224825411/source/changeunt.pas
  • 224825411/source/ckdyjlunt.dcu
  • 224825411/source/ckdyjlunt.ddp
  • 224825411/source/ckdyjlunt.dfm
  • 224825411/source/ckdyjlunt.pas
  • 224825411/source/cklyunt.dcu
  • 224825411/source/cklyunt.ddp
  • 224825411/source/cklyunt.dfm
  • 224825411/source/cklyunt.pas
  • 224825411/source/data.dcu
  • 224825411/source/data.ddp
  • 224825411/source/data.dfm
  • 224825411/source/data.pas
  • 224825411/source/databaseunt.dcu
  • 224825411/source/databaseunt.ddp
  • 224825411/source/databaseunt.dfm
  • 224825411/source/databaseunt.pas
  • 224825411/source/datam.dcu
  • 224825411/source/datam.pas
  • 224825411/source/dccxunt.dcu
  • 224825411/source/dccxunt.ddp
  • 224825411/source/dccxunt.dfm
  • 224825411/source/dccxunt.pas
  • 224825411/source/dcunt.dcu
  • 224825411/source/dcunt.ddp
  • 224825411/source/dcunt.dfm
  • 224825411/source/dcunt.pas
  • 224825411/source/dcwhunt.dcu
  • 224825411/source/dcwhunt.ddp
  • 224825411/source/dcwhunt.dfm
  • 224825411/source/dcwhunt.pas
  • 224825411/source/drcxunt.dcu
  • 224825411/source/drcxunt.ddp
  • 224825411/source/drcxunt.dfm
  • 224825411/source/drcxunt.pas
  • 224825411/source/drmainunt.dcu
  • 224825411/source/drmainunt.ddp
  • 224825411/source/drmainunt.dfm
  • 224825411/source/drmainunt.pas
  • 224825411/source/drwhunt.dcu
  • 224825411/source/drwhunt.ddp
  • 224825411/source/drwhunt.dfm
  • 224825411/source/drwhunt.pas
  • 224825411/source/hbunt.dcu
  • 224825411/source/hbunt.ddp
  • 224825411/source/hbunt.dfm
  • 224825411/source/hbunt.pas
  • 224825411/source/hycxunt.dcu
  • 224825411/source/hycxunt.ddp
  • 224825411/source/hycxunt.dfm
  • 224825411/source/hycxunt.pas
  • 224825411/source/hyqkcx.dcu
  • 224825411/source/hyqkcx.ddp
  • 224825411/source/hyqkcx.dfm
  • 224825411/source/hyqkcx.pas
  • 224825411/source/hyszunt.dcu
  • 224825411/source/hyszunt.ddp
  • 224825411/source/hyszunt.dfm
  • 224825411/source/hyszunt.pas
  • 224825411/source/hyunt.dcu
  • 224825411/source/hyunt.ddp
  • 224825411/source/hyunt.dfm
  • 224825411/source/hyunt.pas
  • 224825411/source/hyxfphunt.dcu
  • 224825411/source/hyxfphunt.ddp
  • 224825411/source/hyxfphunt.dfm
  • 224825411/source/hyxfphunt.pas
  • 224825411/source/jgwhunt.dcu
  • 224825411/source/jgwhunt.ddp
  • 224825411/source/jgwhunt.dfm
  • 224825411/source/jgwhunt.pas
  • 224825411/source/jswcunt.dcu
  • 224825411/source/jswcunt.ddp
  • 224825411/source/jswcunt.dfm
  • 224825411/source/jswcunt.pas
  • 224825411/source/kcqkunt.dcu
  • 224825411/source/kcqkunt.ddp
  • 224825411/source/kcqkunt.dfm
  • 224825411/source/kcqkunt.pas
  • 224825411/source/login.dcu
  • 224825411/source/login.ddp
  • 224825411/source/login.dfm
  • 224825411/source/login.pas
  • 224825411/source/lyunt.dcu
  • 224825411/source/lyunt.ddp
  • 224825411/source/lyunt.dfm
  • 224825411/source/lyunt.pas
  • 224825411/source/maind.dcu
  • 224825411/source/maind.pas
  • 224825411/source/mainunt.dcu
  • 224825411/source/mainunt.ddp
  • 224825411/source/mainunt.dfm
  • 224825411/source/mainunt.pas
  • 224825411/source/mrxsfxunt.dcu
  • 224825411/source/mrxsfxunt.ddp
  • 224825411/source/mrxsfxunt.dfm
  • 224825411/source/mrxsfxunt.pas
  • 224825411/source/mxOutlookBarPro.dcu
  • 224825411/source/pdunt.dcu
  • 224825411/source/pdunt.ddp
  • 224825411/source/pdunt.dfm
  • 224825411/source/pdunt.pas
  • 224825411/source/printsetupunt.dcu
  • 224825411/source/printsetupunt.ddp
  • 224825411/source/printsetupunt.dfm
  • 224825411/source/printsetupunt.pas
  • 224825411/source/pswunt.dcu
  • 224825411/source/pswunt.ddp
  • 224825411/source/pswunt.dfm
  • 224825411/source/pswunt.pas
  • 224825411/source/qdsxunt.dcu
  • 224825411/source/qdsxunt.ddp
  • 224825411/source/qdsxunt.dfm
  • 224825411/source/qdsxunt.pas
  • 224825411/source/rlunt.dcu
  • 224825411/source/rlunt.ddp
  • 224825411/source/rlunt.dfm
  • 224825411/source/rlunt.pas
  • 224825411/source/sjbfunt.dcu
  • 224825411/source/sjbfunt.ddp
  • 224825411/source/sjbfunt.dfm
  • 224825411/source/sjbfunt.pas
  • 224825411/source/sjhfunt.dcu
  • 224825411/source/sjhfunt.ddp
  • 224825411/source/sjhfunt.dfm
  • 224825411/source/sjhfunt.pas
  • 224825411/source/spxsphbunt.dcu
  • 224825411/source/spxsphbunt.ddp
  • 224825411/source/spxsphbunt.dfm
  • 224825411/source/spxsphbunt.pas
  • 224825411/source/start.dcu
  • 224825411/source/start.ddp
  • 224825411/source/start.dfm
  • 224825411/source/start.pas
  • 224825411/source/sysiniunt.dcu
  • 224825411/source/sysiniunt.ddp
  • 224825411/source/sysiniunt.dfm
  • 224825411/source/sysiniunt.pas
  • 224825411/source/thcxunt.dcu
  • 224825411/source/thcxunt.ddp
  • 224825411/source/thcxunt.dfm
  • 224825411/source/thcxunt.pas
  • 224825411/source/thmainunt.dcu
  • 224825411/source/thmainunt.ddp
  • 224825411/source/thmainunt.dfm
  • 224825411/source/thmainunt.pas
  • 224825411/source/thunt.dcu
  • 224825411/source/thunt.ddp
  • 224825411/source/thunt.dfm
  • 224825411/source/thunt.pas
  • 224825411/source/thwhunt.dcu
  • 224825411/source/thwhunt.ddp
  • 224825411/source/thwhunt.dfm
  • 224825411/source/thwhunt.pas
  • 224825411/source/update.dcu
  • 224825411/source/update.dfm
  • 224825411/source/update.pas
  • 224825411/source/vipunt.dcu
  • 224825411/source/vipunt.ddp
  • 224825411/source/vipunt.dfm
  • 224825411/source/vipunt.pas
  • 224825411/source/vipxzunt.dcu
  • 224825411/source/vipxzunt.ddp
  • 224825411/source/vipxzunt.dfm
  • 224825411/source/vipxzunt.pas
  • 224825411/source/xtszunt.dcu
  • 224825411/source/xtszunt.ddp
  • 224825411/source/xtszunt.dfm
  • 224825411/source/xtszunt.pas
  • 224825411/source/yjunt.dcu
  • 224825411/source/yjunt.ddp
  • 224825411/source/yjunt.dfm
  • 224825411/source/yjunt.pas
  • 224825411/下载说明.htm
    .html .js polyglot