acf570b6e6f67d394857159aad0b344f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

acf570b6e6f67d394857159aad0b344f_JaffaCakes118
Size

884KB
MD5

acf570b6e6f67d394857159aad0b344f
SHA1

afb1c09c18153325a3b3c66412459b028a19cd4d
SHA256

9e714cf0f4a6114d8673416b05c29a46f3d9c60de48015ab143e86436b89f735
SHA512

db810473eebe34237d03eee1452592eb28aa37e76b315c8eec2c0f933a7df6169c4057a9c65fb03a68b1cb07523e04e1df0f7451671436829409a51cbfef4d14
SSDEEP

12288:P0JPrg1+E45wbJ9lpSxe9ICas+c/AjJMbqMBfMCzQpT7hBe4r2:PuPrbdwbbSYnas+c/xbqMNMVBee2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acf570b6e6f67d394857159aad0b344f_JaffaCakes118

Files

acf570b6e6f67d394857159aad0b344f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c47372ab709afdff84724181e9420c65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dvs\p4\build\sw\rel\gpu_drv\r285\r285_58\drivers\notifius\comupdatus\release\ComUpdatus.pdb

Imports

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

setupapi

SetupDiBuildDriverInfoList
SetupDiDestroyDriverInfoList
SetupDiGetDeviceInstallParamsW
SetupDiGetDriverInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

kernel32

CreateProcessW
GetExitCodeProcess
LoadLibraryW
GetProcAddress
GetCurrentThread
LocalFree
LeaveCriticalSection
FormatMessageW
GetVersionExW
HeapFree
GetProcessHeap
GetSystemTimeAsFileTime
GetSystemInfo
FileTimeToLocalFileTime
WaitForMultipleObjects
UnmapViewOfFile
SetThreadPriority
CreateMutexW
WriteFile
FlushFileBuffers
ResumeThread
SystemTimeToFileTime
FileTimeToSystemTime
OpenFileMappingW
GetTickCount
ReadFile
CreateFileW
OpenMutexW
ReleaseMutex
GetWindowsDirectoryW
FindClose
GetStartupInfoW
GetCurrentProcess
GetStdHandle
SetLastError
GetFileAttributesW
GetSystemDirectoryW
WideCharToMultiByte
GetUserDefaultUILanguage
GetSystemDefaultLangID
GlobalMemoryStatusEx
QueryPerformanceFrequency
SetThreadAffinityMask
QueryPerformanceCounter
GetProcessAffinityMask
GetSystemDirectoryA
DeviceIoControl
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
CreateFileA
GetTimeZoneInformation
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
GetModuleHandleExW
OutputDebugStringW
EnterCriticalSection
SetEvent
FreeLibrary
InterlockedDecrement
lstrcmpiW
DeleteCriticalSection
InterlockedIncrement
RaiseException
LoadLibraryExW
GetModuleHandleW
FindResourceW
GetModuleFileNameW
GetCurrentThreadId
LoadResource
Sleep
SizeofResource
GetLastError
WaitForSingleObject
lstrlenW
MultiByteToWideChar
CloseHandle
CreateThread
InitializeCriticalSection
CreateEventW
GetCommandLineW
IsWow64Process
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
SetFilePointer
GetCurrentDirectoryA
GetFullPathNameA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetStartupInfoA
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
ExitProcess
GetModuleHandleA
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
GetCPInfo
GetStringTypeW
GetStringTypeA
RtlUnwind
FindFirstFileA
GetDriveTypeA
ExitThread
GetFileType
SetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapAlloc
HeapReAlloc
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
InterlockedCompareExchange

user32

GetMonitorInfoW
MonitorFromPoint
EnumDisplayDevicesW
EnumDisplaySettingsExW
UnregisterClassA
PostThreadMessageW
CharNextW
GetMessageW
TranslateMessage
DispatchMessageW
CharUpperW
GetSystemMetrics
EnumDisplaySettingsW

advapi32

RegQueryInfoKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW
EqualSid
GetAclInformation
DeleteAce
AddAce
AddAccessAllowedAce
GetAce
IsValidSid
LookupAccountNameW
CopySid
GetSecurityDescriptorLength
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegQueryValueExW
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
SetSecurityDescriptorGroup
MakeSelfRelativeSD
GetSecurityDescriptorSacl
FreeSid
GetSecurityDescriptorOwner
SetSecurityDescriptorOwner
AllocateAndInitializeSid
InitializeAcl
MakeAbsoluteSD
GetLengthSid
SetTokenInformation
ConvertStringSidToSidW
OpenThreadToken
ImpersonateSelf
RevertToSelf
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

ole32

CoCreateGuid
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc
CoRevokeClassObject
CoRegisterClassObject
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoSetProxyBlanket

oleaut32

UnRegisterTypeLi
SysAllocString
SafeArrayGetElement
SafeArrayGetLBound
VariantCopy
VariantInit
VariantClear
VariantChangeType
LoadRegTypeLi
SysStringLen
SysFreeString
RegisterTypeLi
LoadTypeLi
VarUI4FromStr

Sections

.text
Size: 516KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c47372ab709afdff84724181e9420c65

Headers

File Characteristics

PDB Paths

Imports

version

setupapi

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 516KB - Virtual size: 513KB

.rdata Size: 116KB - Virtual size: 115KB

.data Size: 24KB - Virtual size: 31KB

.rsrc Size: 216KB - Virtual size: 216KB

.text
Size: 516KB - Virtual size: 513KB

.rdata
Size: 116KB - Virtual size: 115KB

.data
Size: 24KB - Virtual size: 31KB

.rsrc
Size: 216KB - Virtual size: 216KB