ad2b8156a0077fbb6eeab2c44a8ebeb2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ad2b8156a0077fbb6eeab2c44a8ebeb2_JaffaCakes118
Size

66KB
MD5

ad2b8156a0077fbb6eeab2c44a8ebeb2
SHA1

0069e0779d2069ca34270a8762d0a07cbf874bef
SHA256

3a41550d62760139c74926676f55f5a21aee53b85c4eb11bb56b90ba4f9e3fa3
SHA512

0c679ff57c57a72958065d6f3c3f74ff2342b337487fd1695111340c1afb99f4114d59fd5542dff55cd3a47c5e78416fd3213663cf971e41f5972bd3fa91d828
SSDEEP

768:Zoljtj0qn5pZ84CfCBRrJNn55SQywaOP+7M:2lpDT7LOQyQm7M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad2b8156a0077fbb6eeab2c44a8ebeb2_JaffaCakes118

Files

ad2b8156a0077fbb6eeab2c44a8ebeb2_JaffaCakes118
.exe windows:5 windows x86 arch:x86

66d84cc924839d3c8a9e9e3bd50d1ea2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\project\drivers\ccdriver\bin\fre_nokia_release\fre\i386\setupext.pdb

Imports

msvcrt

_c_exit
_strnicmp
_strupr
__CxxFrameHandler
strstr
strncat
_exit
free
_strdup
_stricmp
isspace
strncpy
_cexit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
??3@YAXPAX@Z
??2@YAPAXI@Z
sprintf

advapi32

RegCreateKeyExA
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetEntriesInAclA
SetNamedSecurityInfoA
OpenSCManagerA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
OpenServiceA
DeleteService
RegCloseKey

kernel32

GetVersionExA
GetLastError
GlobalFree
GlobalAlloc
lstrcmpiA
lstrcpyA
GetWindowsDirectoryA
CopyFileA
LocalFree
LocalAlloc
GetPrivateProfileSectionA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoA
SetLastError
GetPrivateProfileStringA
lstrcatA
lstrlenA

user32

wsprintfA

setupapi

SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
SetupDiCreateDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiOpenDeviceInfoA
SetupDiDestroyDeviceInfoList
SetupDiSetDeviceRegistryPropertyA
SetupDiGetDeviceRegistryPropertyA
SetupDiCallClassInstaller

difxapi

DriverPackageUninstallA
DriverPackagePreinstallA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

awpifyg
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

66d84cc924839d3c8a9e9e3bd50d1ea2

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

user32

setupapi

difxapi

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 51KB - Virtual size: 52KB

awpifyg Size: - Virtual size: 4KB

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 51KB - Virtual size: 52KB

awpifyg
Size: - Virtual size: 4KB