feb945c1e596b5355eb2bff0d5703d93_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

feb945c1e596b5355eb2bff0d5703d93_JaffaCakes118
Size

204KB
MD5

feb945c1e596b5355eb2bff0d5703d93
SHA1

aca1e4a47397c1cf9b5c4e65cbf1204ad0270d3c
SHA256

4efc3d91e844e04749d495b0ba2c122164d429c0f63d588fc61665369c9a2e45
SHA512

55c6ccc21ed3969363601a34eedaa7a84269c704ec9b369224c5309e2b87cd468cbeac8812da761d5a90eb0f0dc76f6f742e812159bf11f474f5472e117f3d07
SSDEEP

3072:KqwizTVF7nMMh8dnc0l9uFRqDd2iptlCVE8wM8LG0udQIIJNpH/y/F:pzTwBdnlVVptlCRi3IIJN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb945c1e596b5355eb2bff0d5703d93_JaffaCakes118

Files

feb945c1e596b5355eb2bff0d5703d93_JaffaCakes118
.exe windows:5 windows x86 arch:x86

55eed70a046c9dacea344f714a832eb3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\bld\main\drivers\ide\bus2.7\raidapps\nvraidservice\objfre\i386\nvraidservice.pdb

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA

kernel32

GetLocaleInfoA
GetThreadLocale
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
lstrlenW
lstrcmpiA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
SizeofResource
LockResource
GetACP
FindResourceA
FindResourceExA
CloseHandle
CreateMutexA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
LeaveCriticalSection
EnterCriticalSection
lstrcpynA
GetLastError
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
LoadLibraryExA
IsDBCSLeadByte
CreateProcessA
WaitForSingleObject
SetEvent
CreateThread
CreateEventA
lstrcpyA
lstrcatA
LoadLibraryA
GetStringTypeA
LCMapStringW
InterlockedExchange
LoadResource
LCMapStringA
GetStringTypeW
RtlUnwind
HeapSize
GetCPInfo
GetOEMCP
GetProcessHeap
FlushFileBuffers
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
SetFilePointer
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
HeapFree
HeapReAlloc
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsFree
SetLastError
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc

user32

DefWindowProcA
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics
CreateWindowExA
LoadMenuA
GetSubMenu
GetCursorPos
wsprintfA
TrackPopupMenuEx
PostMessageA
DestroyMenu
PostQuitMessage
CharUpperA
SetForegroundWindow
CharNextA
DestroyWindow
LoadImageA
DestroyIcon
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
SysFreeString
VarUI4FromStr
SafeArrayGetElement
VariantClear
SysAllocStringLen
SysStringLen
SysAllocString

comctl32

InitCommonControlsEx

shell32

Shell_NotifyIconA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 122KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55eed70a046c9dacea344f714a832eb3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

user32

ole32

oleaut32

comctl32

shell32

Sections

.text Size: 52KB - Virtual size: 51KB

.data Size: 3KB - Virtual size: 10KB

.rsrc Size: 26KB - Virtual size: 26KB

.text Size: 122KB - Virtual size: 124KB

.text
Size: 52KB - Virtual size: 51KB

.data
Size: 3KB - Virtual size: 10KB

.rsrc
Size: 26KB - Virtual size: 26KB

.text
Size: 122KB - Virtual size: 124KB