1656581275eeffd99cf7ba750a9f711f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1656581275eeffd99cf7ba750a9f711f_JaffaCakes118
Size

499KB
MD5

1656581275eeffd99cf7ba750a9f711f
SHA1

e53951e49d02301ed7cad5a6a85cfda2937307d5
SHA256

56c7b1e292453c620e4775628c6bb64f58e67495b2bdeef279a116112a65172d
SHA512

135ef185b0debf70a3feeb576b53d3c0bb43eea93a57615d6691163b66286d3dc4db6f6c953de4f213ceae1072788f9a1a902c88106e5fdde3bd7aea64007127
SSDEEP

12288:ywQ2VjXbAkP9W0UNu0H/vi078CzMvJmXpxZPqgLM/fByM5:ywnpXUqUHi076vJm3ZPO3oM5

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JGPROG_18_04_2003_VIP/GWIOPM.SYS
unpack001/JGPROG_18_04_2003_VIP/JGPROG.exe

Files

1656581275eeffd99cf7ba750a9f711f_JaffaCakes118
.zip
JGPROG_18_04_2003_VIP/GWIOPM.SYS
.sys windows:4 windows x86 arch:x86

30246d54430361bf28ee1ad81b82a76e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteSymbolicLink
Ke386IoSetAccessProcess
IoGetCurrentProcess
Ke386QueryIoAccessMap
IofCompleteRequest
IoDeleteDevice
Ke386SetIoAccessMap
RtlInitUnicodeString
MmFreeNonCachedMemory
IoCreateSymbolicLink
IoCreateDevice
MmAllocateNonCachedMemory

Sections

.text
Size: 960B - Virtual size: 948B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 384B - Virtual size: 382B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 96B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
JGPROG_18_04_2003_VIP/JGPROG.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 733KB - Virtual size: 733KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 438KB - Virtual size: 438KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
JGPROG_18_04_2003_VIP/Loader/loader_PIC16F876.hex
JGPROG_18_04_2003_VIP/Loader/loader_at90s8515.hex
JGPROG_18_04_2003_VIP/Loader/loader_pic16f84.hex
JGPROG_18_04_2003_VIP/Test/BlackCard_test_led.hex
JGPROG_18_04_2003_VIP/Test/FunCard_test_lcd.hex
JGPROG_18_04_2003_VIP/Test/FunCard_test_led.hex
JGPROG_18_04_2003_VIP/config.cfg
JGPROG_18_04_2003_VIP/lang/1_Polski.lng
JGPROG_18_04_2003_VIP/lang/2_English.lng
JGPROG_18_04_2003_VIP/lang/3_Cesky.lng
JGPROG_18_04_2003_VIP/lang/4_Deutsch.lng
JGPROG_18_04_2003_VIP/lang/5_Espaol.Ing
JGPROG_18_04_2003_VIP/lang/6_Nederlands.lng
JGPROG_18_04_2003_VIP/lang/Loader/loader_PIC16F876.hex
JGPROG_18_04_2003_VIP/lang/Loader/loader_at90s8515.hex
JGPROG_18_04_2003_VIP/lang/Loader/loader_pic16f84.hex

Sharing

General

Malware Config

Signatures

Files

30246d54430361bf28ee1ad81b82a76e

Headers

File Characteristics

Imports

ntoskrnl.exe

Sections

.text Size: 960B - Virtual size: 948B

.data Size: 32B - Virtual size: 4B

INIT Size: 384B - Virtual size: 382B

.reloc Size: 96B - Virtual size: 92B

Headers

File Characteristics

Sections

CODE Size: 733KB - Virtual size: 733KB

DATA Size: 8KB - Virtual size: 7KB

BSS Size: - Virtual size: 3KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 45KB - Virtual size: 44KB

.rsrc Size: 438KB - Virtual size: 438KB

.text
Size: 960B - Virtual size: 948B

.data
Size: 32B - Virtual size: 4B

INIT
Size: 384B - Virtual size: 382B

.reloc
Size: 96B - Virtual size: 92B

CODE
Size: 733KB - Virtual size: 733KB

DATA
Size: 8KB - Virtual size: 7KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 45KB - Virtual size: 44KB

.rsrc
Size: 438KB - Virtual size: 438KB