93a9c2d7a8e19ac0f76c307961803da0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93a9c2d7a8e19ac0f76c307961803da0_JaffaCakes118
Size

488KB
MD5

93a9c2d7a8e19ac0f76c307961803da0
SHA1

0380dd0f208e6f01790a43fabddd732dfaff8ff7
SHA256

a8e3661d1ae5ea27a6bcf766b3619803a8fb7693dd80f6fef4ae4204023c37c3
SHA512

9209fb77223b96259b794bbc535d3446e21b7568871271a4c0031f84474e5a85074990ac71368365463cc248cdf2f32d2eca49b4a22c3c8678ef900a715cfb89
SSDEEP

3072:enTvI2FkU+RzawgKB9t8wO/CrDMUm0XBEvWwmNStxKuHbzsqO30hBe7wgKB9t8w9:UvI2yBQ+i4EOEhBe4BQ+i4EOEhBe/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93a9c2d7a8e19ac0f76c307961803da0_JaffaCakes118

Files

93a9c2d7a8e19ac0f76c307961803da0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1ff4ab463f991a68d63e43a266b696c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dvs\p4\build\sw\rel\gpu_drv\r275\r275_21\drivers\stereo_vision\Setup\nvStInst\nvUSBInst\Release\bin\nvUSBInst.pdb

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupGetStringFieldW
SetupCopyOEMInfA
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiRemoveDevice
SetupCloseInfFile
SetupDiEnumDeviceInterfaces
SetupDiRemoveDeviceInterface
SetupFindFirstLineW
SetupUninstallOEMInfW
SetupOpenInfFileW

kernel32

SetLastError
FlushFileBuffers
CreateFileA
HeapSize
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetSystemDefaultLCID
GetUserDefaultUILanguage
FreeResource
LockResource
LoadResource
GetLastError
FindResourceExW
GetModuleHandleW
GetVersionExW
LocalFree
FormatMessageW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
FindClose
FindNextFileW
FindFirstFileW
GetWindowsDirectoryW
FreeLibrary
GetProcAddress
LoadLibraryW
GetFileAttributesA
GetModuleFileNameA
LoadLibraryA
GetWindowsDirectoryA
GetCommandLineA
RtlUnwind
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
Sleep
ExitProcess
WriteFile
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
HeapAlloc
VirtualAlloc

user32

MessageBoxW

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1ff4ab463f991a68d63e43a266b696c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

setupapi

kernel32

user32

Sections

.text Size: 43KB - Virtual size: 42KB

.rdata Size: 9KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 12KB

.rsrc Size: 424KB - Virtual size: 424KB

.text
Size: 43KB - Virtual size: 42KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 12KB

.rsrc
Size: 424KB - Virtual size: 424KB