a85b8d0a9a31bed8691f8f20dfbd33e9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a85b8d0a9a31bed8691f8f20dfbd33e9_JaffaCakes118
Size

268KB
MD5

a85b8d0a9a31bed8691f8f20dfbd33e9
SHA1

be9760c3fb84bb70edef27826e7f0341e6d793b7
SHA256

1ce8e9aa64316273bf253d153eb3410133b83c19414aca503911b3edba9aa3ba
SHA512

98107440bf92d5b1b363af05dfc0459c3a646cf54ea3b7dc555328e9ce05a2d2fb5b2b2bd76bfe31dbaa2e91d887c32cdd7c9d5403c81139313a083b4911625b
SSDEEP

6144:5QeQZJKR9BhiNS5U4Rejncq+HeSpw/WP1PS8:mZ8R9BhiN74ej+Heg31

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a85b8d0a9a31bed8691f8f20dfbd33e9_JaffaCakes118

Files

a85b8d0a9a31bed8691f8f20dfbd33e9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1d3163289b20334148ce25e9e0f5612

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetExitCodeProcess
GetCurrentThread
ExitProcess
SuspendThread
ResetEvent
SetThreadPriority
WaitForSingleObject
FlushFileBuffers
Sleep

j5allaps

RKIJUN_KYO_WRITE
RD_INF_FM_ENM
LOCK_INPUT_ONLY
SET_NEW_JOBNM
OPN_WND_ALL
END_HIT
CLS_WND
STT_KIJUN_RDB
END_KIJUN_RDB
RKIJUN_ANG_SERCH
RKIJUN_KYO_SERCH
RKIJUN_ANG_WRITE
UIF_FUNC
AP_JYOUKEN_TASK
GET_EDB_PNT
GET_INF_NMFK
CDSP_INT
CDSP_REAL
OPN_WND
CDSP_TYTLE
KEY_FUNC
KEY_STR
OPN_WND2
GET_HIT_BID
PUT_STUDY
CDSP_STR
MAR_RTN
SET_POPUP
UDSP_STR
KEY_INT
KEY_REAL
MOT_RDB_JKN
FMPR
OPN_TOKUJI
SET_TOKUJI
CLS_TOKUJI
CHG_WND_SIZE
SET_HIT_AREA
STT_HIT
AKIL_HIT
CHG_ATR
CNT_ENM
KEY_EDMS
KIJ_KEY_REF_RPNT
KIJ_KEY_REF_SPNT
JCI_EXT_RPNT
JCI_EXT_SPNT
RAD_NORM
ANG_MAR
CDSP_ANG
GET_NO_FM_ENAME
GET_NM_FM_ENAME
UIF_INT
CLR_POPUP
ANGPR
CSD_LABEL_DBNO
CSD_DBH_GET
UDSP_INT
CDSP_ENAM_MSG
GET_SDBM_MAXRNO
PUT_SDBM_DATA
READ_SHEET
WRITE_SHEET
LARECSUB
CLR_VO_AUTO_DISP
SET_VO_MODE
DSP_VO_CIRC
DSP_VO_LINE
SLP_VO_AUTO_DISP
AWK_VO_AUTO_DISP
REP_TRV_DATA
RD_FDB_SLN
RD_FDB_PNT
RDA_INF_FM_FIP
GET_INF_EID
MAR_RTNA
GETE_EDB_RLN
GET_EDB_SLN
GET_INF_EID2
DEF_NO_NM_LIMIT
GET_NEW_JOBNM
JCI_NEW_ENM
AP_VO_CLEAR
PUT_MBD_ZPNT_NAME
UIF_ANG
UDSP_ANG
KEY_KAITEN
UIF_REAL
SENSE_NO_NM
PUT_MBD_TPNT_NAME
DSP_VO_REFRESH
DOW_NAME
NXT_NAME
RSV_EID_FM_ENAME
SRCS_DIP_FM_1L
SRCE_DIP_FM_1L
REP_INF_FM_ENM
SRC_LIP_FM_2P
RDB_SETREAL
GET_ENM_FM_NO
SRCS_LIP_FM_1P
SRCE_LIP_FM_1P
TEN_ZOK_GET
RETURN_CTL_BLK
TEN_ZOK_STT
TEN_ZOK_END
UIF_EXT_FORM_SET
UIF_EXT_FORM
STT_REF_JPS
UDSP_REAL
RKIJUN_ALL_SERCH
UDSP_EDB_NAME
UIF_ANG2
RKIJUN_ALL_WRITE
DM_FDB_PNT
WT_INF_EDB2
CSD_READ_RECORD
APERROR
END_REF_JPS
VO_UNLNK
GET_STUDY
CLS_STUDY
VO_LNK
RCL_JKN_DATA
OPN_STUDY
END_JKN_WND
END_DRF
STT_JKN_WND
FASTMTRX
UNDOS_DRF
UNDOE_DRF
WRT_DRF
BUTTON_ON
STT_DRF
RDA_INF_FM_ENM
SET_SDBM
SET_EORZ
SET_SORM
EFADB_LNK
SDBM_LNK
SET_EDB
DEL_OCB
SET_OCB
SET_DBCB
UNLOCK_INPUT_ONLY
EFADB_UNLNK
SDBM_UNLNK
CSD_INIT_DB
PUT_MBD_INIT_NAME
GET_SDBM_DATA
CUT_MOJI_STRING
AP_ZAHYO_TASK
RDA_INF_FM_EID
WT_INF_EDB

j5fdbman

FDB_STT
FDB_SRCSET_PRM

j5rdbhea

RDB_ACCESS_START
RDB_FIELD_GET
RDB_SEK
RDB_OPN
RDB_OPN_INDEX
RDB_FIELD_REP
RDB_ACCESS_END
RDB_FIELD_CT2
RDB_CLS_INDEX
RDB_SKP
RDB_CLS
RDB_KEY_COUNT
RDB_DEL
RDB_TOP
RDB_SK2
RDB_GET
RDB_CHG
RDB_FIELD_GT2
RDB_FIELD_PT2
RDB_ADD

j5dbcal

DB_OPEN_SKL
DB_OPEN

j5geoidd

CANCEL_FORBIT
C_RECV
C_SEND
SRVUNLNK
SRVLNK2
SRVUNLCK
CANCEL_ALLOW
TASKH2_START
FREESEG
GETSHRSEG
SET_ENABLE
StopMainTask
WAIT_ENABLE
OPEN_ENABLE
RABER_INIT
SEMWAIT
SEMSET
MUTEXFREE
MUTEXLOCK
MOVMEM
MAKEP
SET_CMD_BUF
CMD_BUF_POP
CLEAR_CMD_BUF
TERMNATE
CANCELAP
TERM
StartMainTask
SRVLCK
SFLGTEST
P_RECV
P_SEND
TSKOPEN
SFLGRST
TSKCLS
OPENSEM

j5conlib

CHG_PCUR
GET_REAL
CON_RTN2
CLR_POPUP_MENU
DSP_TITLE
CON_COLOR
CON_RTN
CON_SCAN
GET_INT
GET_STRING
DSP_STRING
CON_OPEN
CON_CLOSE
POPUP_OFF
SET_HIT_LIST
HIT_BOX_AWAKE
BUZZER
HIT_BOX_ALLKILL
CON_REFRESH
SET_POPUP_MENU
CON_LOCATE
SET_CON_COLOR
HIT_BOX_SLEEP
CHG_OPEN_POS
GET_HITBOX_ID
DSP_INT
HIT_BOX_CLEAR
CON_GET_HITBOX_ID
CON_SET_HITLIST_ARRAY
HIT_BOX_KILL
CON_ATTR

eplib

SMEM1
DoFinal
InitHeap
TStartup
PStartup
LMOD
TRUNC
UPOP
ROUND
SMEM2
txendws
USPSH
txwrint
USPOP
StartThread
UCAT
ModChk
Library$Ksec
UAPP
ExecPgm$Ksec
FileAttr$Ksec
UPSH
USSALG
LSC
CERR
LDC
HFP$Init
USDEL
SVALP
NEW
DISP1
StkFrm
VCMPB
UINDC
UDISC
USUB2
DCOS
UIND
txwritst
SIR
DSIN
UCMPB

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EPsec
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1d3163289b20334148ce25e9e0f5612

Headers

File Characteristics

Imports

kernel32

j5allaps

j5fdbman

j5rdbhea

j5dbcal

j5geoidd

j5conlib

eplib

Sections

.text Size: 176KB - Virtual size: 174KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 48KB - Virtual size: 45KB

.EPsec Size: 28KB - Virtual size: 27KB

.text
Size: 176KB - Virtual size: 174KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 48KB - Virtual size: 45KB

.EPsec
Size: 28KB - Virtual size: 27KB