f64c41d5bb5e63782a56912029b68325_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f64c41d5bb5e63782a56912029b68325_JaffaCakes118
Size

160KB
MD5

f64c41d5bb5e63782a56912029b68325
SHA1

d0ca1bcdac35cb55233ec422da23f64f8da71be8
SHA256

e154db061b287dedcb65d7de96d0bafae2e62359ac21e0e3c4c78620929be0bc
SHA512

3dfeeaac96bc0af2da9d1fe8403fc8464e9bef06cbd0e32e8d68dfd2cf97e6a78b5a46d32e9f97dd464125bc06a4f08927b2752770844ea27b71e0f922768a02
SSDEEP

1536:gEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:TY+4MiIkLZJNAQ9J6v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f64c41d5bb5e63782a56912029b68325_JaffaCakes118

Files

f64c41d5bb5e63782a56912029b68325_JaffaCakes118
.exe windows:4 windows x86 arch:x86

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateMailslotW
GetTickCount
FreeConsole
TlsAlloc
CancelDeviceWakeupRequest
GetConsoleTitleW
SetCurrentDirectoryW
GetEnvironmentStrings
CreateNamedPipeA
OpenWaitableTimerW
CreateMailslotW
FindNextVolumeA
GetLocaleInfoW
GetFullPathNameW
FoldStringA
SetProcessAffinityMask
GetNumberFormatA
GlobalFindAtomW
AreFileApisANSI
HeapAlloc
LeaveCriticalSection
GetSystemInfo
GetProfileSectionA
RegisterWaitForSingleObjectEx
GetCommTimeouts
FindFirstVolumeA
CreateDirectoryExW
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
DisconnectNamedPipe
SetConsoleOutputCP
SetCalendarInfoA
ReadConsoleOutputW
CopyFileA
SetConsoleScreenBufferSize
OpenEventA
WaitCommEvent
SetThreadPriority
AssignProcessToJobObject
GetComputerNameW
GetNamedPipeInfo

mscms

CreateMultiProfileTransform
ConvertIndexToColorName
GetCMMInfo
DisassociateColorProfileFromDeviceW
SelectCMM
DisassociateColorProfileFromDeviceA
OpenColorProfileW
CreateProfileFromLogColorSpaceW
GetColorDirectoryW
CreateProfileFromLogColorSpaceA
RegisterCMMA
AssociateColorProfileWithDeviceA
OpenColorProfileA
GetColorProfileElement
InstallColorProfileW
GetPS2ColorRenderingDictionary
GetStandardColorSpaceProfileW
SetColorProfileElementReference
GetColorProfileFromHandle
GetStandardColorSpaceProfileA
UninstallColorProfileW
GetCountColorProfileElements
SetColorProfileHeader
CloseColorProfile
GetColorProfileHeader
TranslateBitmapBits
SetColorProfileElementSize

msvcrt

fputc
_wtoi
atol
isdigit
_wexecle
memcpy
_lrotr
bsearch
wcsncmp
_wgetenv
fputws
_wspawnlp
ungetwc
_wexecv
_tempnam
fwrite
isprint
free
_wspawnve
wcscoll
_wspawnlpe
wcsspn
_wexeclpe
fflush
strtok
_fgetwchar
_wgetdcwd
wcscmp
_vsnwprintf
_wremove
_flsbuf

ole32

CreateStreamOnHGlobal
CoRegisterPSClsid
HMENU_UserSize
CoCopyProxy
OleTranslateAccelerator
OleRun
CreateILockBytesOnHGlobal
StgIsStorageILockBytes

winmm

midiOutMessage
midiInGetDevCapsW
midiInStart
midiStreamPause
mciGetErrorStringW
mmioSetBuffer
waveOutClose
PlaySoundA
mixerGetDevCapsW
midiOutGetErrorTextW
waveOutGetErrorTextA
mmioDescend
mciGetDeviceIDFromElementIDA
waveInAddBuffer
mciGetYieldProc
joyGetThreshold
waveInUnprepareHeader
mixerGetLineInfoA
auxGetNumDevs
joySetCapture
midiStreamProperty
waveOutGetErrorTextW
mixerGetNumDevs
waveInStart
midiStreamClose
midiInClose
joyGetPosEx
waveOutGetID
waveOutPrepareHeader
waveInGetPosition
midiStreamStop
auxOutMessage
mciGetDeviceIDA
mixerGetDevCapsA
midiInGetErrorTextA

Sections

UPX0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

msvcrt

ole32

winmm

Sections

UPX0 Size: 52KB - Virtual size: 52KB

UPX1 Size: 32KB - Virtual size: 32KB

.rsrc Size: 72KB - Virtual size: 72KB

UPX0
Size: 52KB - Virtual size: 52KB

UPX1
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 72KB - Virtual size: 72KB