f2b7a77ea0dd9eabb567fc001659f8ee_JaffaCakes118

General

Target

f2b7a77ea0dd9eabb567fc001659f8ee_JaffaCakes118
Size

83KB
MD5

f2b7a77ea0dd9eabb567fc001659f8ee
SHA1

ccde2e6e2e705486a0a394b07c17dc50c98eae3a
SHA256

3203b895ebe37c8146d3fb45e59c93c885ddf2fdf0b83a1cbb4d4274c8fce358
SHA512

75921d7e208a8577192d24a9c9d03cc2dcfbdda80506dc5d15ded5a93d633c46f1e47631052f495fde6fce9ffd7ccd9d94347e018d3f086d5078f06f7cbdaf50
SSDEEP

768:PMQmt5x2kKwKxPHKzfL+CItClifJTq1BW+igXWWHdtIeq2lyrq14N0nmz5:PtcIYKx6YwiRTyMaT7Ieq2seNnO5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2b7a77ea0dd9eabb567fc001659f8ee_JaffaCakes118

Files

f2b7a77ea0dd9eabb567fc001659f8ee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dfa0cbd22aba79439b101e25a3e9ab94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileIntA
CloseHandle
WriteFile
SetFilePointer
CreateFileA
lstrcatA
lstrlenA
GetSystemDirectoryA
ReadFile
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
lstrcpyA
GetLocalTime
DeleteFileA
GetFileSize
GetTickCount
ExitThread
Sleep
CreateThread
GetProcAddress
LoadLibraryA
ReleaseMutex
CreateMutexA
SetErrorMode
LCMapStringW
LCMapStringA
WritePrivateProfileStringA
GlobalFree
GlobalAlloc
GetModuleFileNameA
GetLastError
GetStringTypeW
GetStringTypeA
SetStdHandle
GetOEMCP
GetACP
IsBadCodePtr
IsBadReadPtr
GetCPInfo
SetUnhandledExceptionFilter
FlushFileBuffers
GetFileType
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
RtlUnwind
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RaiseException
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

ole32

OleInitialize
CoCreateInstance
OleUninitialize

oleaut32

user32

wsprintfA
TranslateMessage
GetMessageA
CharUpperA
CharLowerA
DispatchMessageA

ws2_32

Sections

UPX0
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

dfa0cbd22aba79439b101e25a3e9ab94

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

user32

ws2_32

Sections

UPX0 Size: 80KB - Virtual size: 80KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 80KB - Virtual size: 80KB

.avc
Size: 2KB - Virtual size: 4KB