08d01160bad442bfa72c6849bbf0b911_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

08d01160bad442bfa72c6849bbf0b911_JaffaCakes118
Size

1.4MB
MD5

08d01160bad442bfa72c6849bbf0b911
SHA1

42ab4f2290ca23f93b7be65cf8a68c072715b442
SHA256

47602c0dda6c206395a7a10cef79adfde14598edf8784c2171672cb408b700b6
SHA512

2a2506473558b64dbe9fa64b8deb96e40fe008f3e907ea4599a5f26730381eaa6feb8967a455e9d7ceefd4321cbdbee45f483a3b88132a847c73623f0378bd80
SSDEEP

24576:AR3WJNbTBw96BuRytq+BjQdgy/xrJFgdMVW0NUOhHOjDAz45i0o5YrsscJ:AxANbT+96B4ytq+dQdD18dNO+WKi8Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jdflasher/2020_52/qamaker.exe
unpack001/jdflasher/jdflasher.dll
unpack001/jdflasher/rest/mkrest2.exe

Files

08d01160bad442bfa72c6849bbf0b911_JaffaCakes118
.7z
jdflasher/2010_49/2002_r2b.boot
jdflasher/2010_49/200A_r2b.boot
jdflasher/2010_49/4402_p3k.boot
jdflasher/2010_49/440A_p3k.boot
jdflasher/2010_49/4414_p3k.boot
jdflasher/2010_49/DB2000cid49Red.hdr
jdflasher/2010_49/DB2010cid49Brown.hdr
jdflasher/2010_49/DB2010cid49Red.hdr
jdflasher/2010_49/K310.ose
jdflasher/2010_49/K510_Z530_Z550.ose
jdflasher/2010_49/K750.ose
jdflasher/2010_49/W300.ose
jdflasher/2010_49/W550.ose
jdflasher/2010_49/W600.ose
jdflasher/2010_49/W810.ose
jdflasher/2010_49/W900.ose
jdflasher/2010_49/Z520.ose
jdflasher/2010_49/k600.ose
jdflasher/2020_52/qamaker.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

MEW
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�uۊ��
Size: 28KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdflasher/2020_52/qamaker.ini
jdflasher/bin/040319 0923 COMPACTCERTLOADER R2E.2010_0_BLUE
jdflasher/bin/040422 0732 CERTLOADER R3L.2000_0_BLUE
jdflasher/bin/050404 1011 COMPACTPRODUCTION_ID_LOADER R2F.2010_0_BLUE
jdflasher/bin/050404 1011 PRODUCTION_ID_LOADER R1F.2000_0_BLUE
jdflasher/bin/050810 0923 PRODUCTION_ID_LOADER R2B.2000_0_BLUE
jdflasher/bin/050818 1627 SEMC_FLASHLOADER P2B.2000_37_RED
jdflasher/bin/060119 1209 SEMC_FLASHLOADER R2B.2000_49_RED
jdflasher/bin/060712 1520 DB2012_FLASHLOADER_R1A002.2012_50_RED
jdflasher/bin/061113 1250 COMPACTPRODUCTION_ID_LOADER P3L.2010_0_BLUE
jdflasher/bin/061201 1314 DB2020_FLASHLOADER_R2A005.2020_49_RED
jdflasher/bin/061201 1314 DB2020_FLASHLOADER_R2A005.2020_51_RED
jdflasher/bin/061201 1314 DB2020_FLASHLOADER_R2A005.2020_52_RED
jdflasher/bin/061204 1528 DB2010_FLASHLOADER_R2A007.2010_49_RED
jdflasher/bin/061205 1354 DB2012_FLASHLOADER_R2B012.2012_51_RED
jdflasher/bin/061205 1354 DB2012_FLASHLOADER_R2B012.2012_52_RED
jdflasher/bin/070129 1112 DB2010_PRODUCTIONIDLOADER_P4D.2012_0_BLUE
jdflasher/bin/070410 1405 COMPACT_SEMC_CS_LOADER_1_R3B009.2012_50_RED
jdflasher/bin/070410 1405 COMPACT_SEMC_CS_LOADER_1_R3B009.2012_51_RED
jdflasher/bin/070410 1405 COMPACT_SEMC_CS_LOADER_1_R3B009.2012_52_RED
jdflasher/bin/070417 1739 COMPACT_SEMC_CS_LOADER__P3T.2010_49_RED
jdflasher/bin/070418 1406 SEMC_CS_LOADER_1_P4K.2000_49_RED
jdflasher/bin/070418 2010 SEMC_CS_LOADER_1_P4L.2000_37_RED
jdflasher/bin/070418 2010 SEMC_CS_LOADER_1_P4L.2000_49_RED
jdflasher/bin/070524 1030 COMPACT_SEMC_CS_LOADER__R3A010.2010_49_RED
jdflasher/bin/070904 1147 COMPACT_SEMC_CS_LOADER_1_R3B014.2012_53_RED
jdflasher/bin/070904 1245 DB2020_CSLOADER_R3A013.2020_49_RED
jdflasher/bin/070904 1245 DB2020_CSLOADER_R3A013.2020_51_RED
jdflasher/bin/070904 1245 DB2020_CSLOADER_R3A013.2020_52_RED
jdflasher/bin/070904 1245 DB2020_CSLOADER_R3A013.2020_53_RED
jdflasher/bin/070904 1356 R3A016_PNX5230_CSLOADER.PNX5230_51_RED
jdflasher/bin/070904 1356 R3A016_PNX5230_CSLOADER.PNX5230_52_RED
jdflasher/bin/070904 1356 R3A016_PNX5230_CSLOADER.PNX5230_53_RED
jdflasher/bin/071130 1150 NPACXC1250330_DB2020_PRODUCTIONIDLOADER_P3M.2020_1_BLUE
jdflasher/bin/071213 1552 R2A022_PNX5230_FLASHLOADER.PNX5230_51_RED
jdflasher/bin/071213 1552 R2A022_PNX5230_FLASHLOADER.PNX5230_52_RED
jdflasher/bin/071213 1552 R2A022_PNX5230_FLASHLOADER.PNX5230_53_RED
jdflasher/bin/071219 1257 DB2012_FLASHLOADER_R2B017.2012_53_RED
jdflasher/bin/080108 1810 DB2020_FLASHLOADER_R2A015.2020_53_RED
jdflasher/bin/2000_3e_r1f_r3l
jdflasher/bin/2000_csold_R4B_setool
jdflasher/bin/2000_f_r2b
jdflasher/bin/2000_header_r2b
jdflasher/bin/2010_3e_r2f_r2e
jdflasher/bin/2010_cs_R2C
jdflasher/bin/2010_cs_R3A005
jdflasher/bin/2010_f_p5g
jdflasher/bin/2010_f_r2b
jdflasher/bin/2010_header_p3l
jdflasher/bin/2020_cs_R3A006
jdflasher/bin/2020_f_R2A005
jdflasher/bin/2020_prologue
jdflasher/bin/signed EMPCXC1327364_COMPACT_SEMC_CS_LOADER__V23.2010_49_BROWN
jdflasher/bin/signed setool PRODLOADER_SETOOL2.2020_49_BROWN
jdflasher/bin/signed setool PRODUCTIONLOADER_R1A002.DB2010_CID49_BROWN
jdflasher/bin/signed setool PRODUCTIONLOADER_R1A002.DB2012_CID49_BROWN
jdflasher/bin/signed setool PRODUCTIONLOADER_R1A002.DB2012_CID51_BROWN
jdflasher/file_id.diz
jdflasher/helpe.hlf
jdflasher/helpr.hlf
jdflasher/jdflasher.dll
.dll windows:5 windows x86 arch:x86

11e03d2e60a9a47cb324cbb1ec6ad727

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\07_08_28 jdflasher\Release\jdflasher.pdb

Imports

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

kernel32

WriteConsoleA
FindFirstFileA
FindClose
FindNextFileA
GetModuleFileNameA
CreateFileA
GetLastError
GetVersionExA
CloseHandle
WaitForSingleObject
SetEvent
WriteFile
InitializeCriticalSection
TerminateThread
Sleep
CreateEventA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
OutputDebugStringA
CreateThread
ClearCommError
GetConsoleOutputCP
GetTickCount
EscapeCommFunction
SetCommState
ReadFile
PurgeComm
GetOverlappedResult
DeviceIoControl
WaitForMultipleObjects
SetFileTime
WideCharToMultiByte
GetFileAttributesA
CreateDirectoryA
SetCurrentDirectoryA
SetLastError
GetCurrentDirectoryA
MultiByteToWideChar
SystemTimeToFileTime
GetModuleHandleA
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
WriteConsoleW
SetEndOfFile
GetProcessHeap
GetCommState
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
GetCommandLineA
HeapFree
RaiseException
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
LCMapStringA
LCMapStringW
HeapSize
ExitProcess
GetStdHandle
RtlUnwind
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA

user32

CharUpperA
MessageBeep
MessageBoxA
CharToOemA

advapi32

RegEnumKeyExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

Exports

Exports

ClosePlugin
DeleteFiles
FreeFindData
GetFiles
GetFindData
GetOpenPluginInfo
GetPluginInfo
MakeDirectory
OpenPlugin
PutFiles
SetDirectory
SetStartupInfo

Sections

.text
Size: 287KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
jdflasher/lang#1.lng
jdflasher/lang#2.lng
jdflasher/rest/mkrest2.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.bss
Size: - Virtual size: 516KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
jdflasher/scripts/Z520.xml
.xml
jdflasher/scripts/db2012.xml
.xml
jdflasher/scripts/db2020.xml
.xml
jdflasher/scripts/k300_500_700.xml
.xml
jdflasher/scripts/k310.xml
.xml
jdflasher/scripts/k510_z530_z550.xml
.xml
jdflasher/scripts/k600.xml
.xml
jdflasher/scripts/k750_w700_w800.xml
.xml
jdflasher/scripts/pnx5230.xml
.xml
jdflasher/scripts/qa2020.xml
.xml
jdflasher/scripts/supercid2020.xml
.xml
jdflasher/scripts/w300.xml
.xml
jdflasher/scripts/w550.xml
.xml
jdflasher/scripts/w600.xml
.xml
jdflasher/scripts/w810.xml
.xml
jdflasher/scripts/w900.xml
.xml

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

MEW Size: - Virtual size: 40KB

�uۊ�� Size: 28KB - Virtual size: 88KB

11e03d2e60a9a47cb324cbb1ec6ad727

Headers

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 287KB - Virtual size: 287KB

.rdata Size: 49KB - Virtual size: 49KB

.data Size: 52KB - Virtual size: 60KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 17KB - Virtual size: 16KB

Headers

File Characteristics

Sections

.bss Size: - Virtual size: 516KB

CODE Size: 3KB - Virtual size: 4KB

MEW
Size: - Virtual size: 40KB

�uۊ��
Size: 28KB - Virtual size: 88KB

.text
Size: 287KB - Virtual size: 287KB

.rdata
Size: 49KB - Virtual size: 49KB

.data
Size: 52KB - Virtual size: 60KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 17KB - Virtual size: 16KB

.bss
Size: - Virtual size: 516KB

CODE
Size: 3KB - Virtual size: 4KB