f923e45694d3280e9663a4c8adc7602c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f923e45694d3280e9663a4c8adc7602c_JaffaCakes118
Size

160KB
MD5

f923e45694d3280e9663a4c8adc7602c
SHA1

08b4b1841d5351b9d26141a2c0e9b941b7e0f188
SHA256

a650934c45102e2b38a73b4acf213730ffd39c4792bc3cc7b49d3c030980994d
SHA512

b24f23e93fb27f27dd4f5ce18a8073adcd2ed34fc3ae09f7b4a1b0bb330d396f05c5e3edf7ad872281119c7bfa7e12f43a7cb40c34bb12748cb0a9bffe98225d
SSDEEP

1536:6EY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:xY+4MiIkLZJNAQ9J6v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f923e45694d3280e9663a4c8adc7602c_JaffaCakes118

Files

f923e45694d3280e9663a4c8adc7602c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateMailslotW
GetTickCount
FreeConsole
TlsAlloc
CancelDeviceWakeupRequest
GetConsoleTitleW
SetCurrentDirectoryW
GetEnvironmentStrings
CreateNamedPipeA
OpenWaitableTimerW
CreateMailslotW
FindNextVolumeA
GetLocaleInfoW
GetFullPathNameW
FoldStringA
SetProcessAffinityMask
GetNumberFormatA
GlobalFindAtomW
AreFileApisANSI
HeapAlloc
LeaveCriticalSection
GetSystemInfo
GetProfileSectionA
RegisterWaitForSingleObjectEx
GetCommTimeouts
FindFirstVolumeA
CreateDirectoryExW
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
DisconnectNamedPipe
SetConsoleOutputCP
SetCalendarInfoA
ReadConsoleOutputW
CopyFileA
SetConsoleScreenBufferSize
OpenEventA
WaitCommEvent
SetThreadPriority
AssignProcessToJobObject
GetComputerNameW
GetNamedPipeInfo

mscms

CreateMultiProfileTransform
ConvertIndexToColorName
GetCMMInfo
DisassociateColorProfileFromDeviceW
SelectCMM
DisassociateColorProfileFromDeviceA
OpenColorProfileW
CreateProfileFromLogColorSpaceW
GetColorDirectoryW
CreateProfileFromLogColorSpaceA
RegisterCMMA
AssociateColorProfileWithDeviceA
OpenColorProfileA
GetColorProfileElement
InstallColorProfileW
GetPS2ColorRenderingDictionary
GetStandardColorSpaceProfileW
SetColorProfileElementReference
GetColorProfileFromHandle
GetStandardColorSpaceProfileA
UninstallColorProfileW
GetCountColorProfileElements
SetColorProfileHeader
CloseColorProfile
GetColorProfileHeader
TranslateBitmapBits
SetColorProfileElementSize

msvcrt

fputc
_wtoi
atol
isdigit
_wexecle
memcpy
_lrotr
bsearch
wcsncmp
_wgetenv
fputws
_wspawnlp
ungetwc
_wexecv
_tempnam
fwrite
isprint
free
_wspawnve
wcscoll
_wspawnlpe
wcsspn
_wexeclpe
fflush
strtok
_fgetwchar
_wgetdcwd
wcscmp
_vsnwprintf
_wremove
_flsbuf

ole32

CreateStreamOnHGlobal
CoRegisterPSClsid
HMENU_UserSize
CoCopyProxy
OleTranslateAccelerator
OleRun
CreateILockBytesOnHGlobal
StgIsStorageILockBytes

winmm

midiOutMessage
midiInGetDevCapsW
midiInStart
midiStreamPause
mciGetErrorStringW
mmioSetBuffer
waveOutClose
PlaySoundA
mixerGetDevCapsW
midiOutGetErrorTextW
waveOutGetErrorTextA
mmioDescend
mciGetDeviceIDFromElementIDA
waveInAddBuffer
mciGetYieldProc
joyGetThreshold
waveInUnprepareHeader
mixerGetLineInfoA
auxGetNumDevs
joySetCapture
midiStreamProperty
waveOutGetErrorTextW
mixerGetNumDevs
waveInStart
midiStreamClose
midiInClose
joyGetPosEx
waveOutGetID
waveOutPrepareHeader
waveInGetPosition
midiStreamStop
auxOutMessage
mciGetDeviceIDA
mixerGetDevCapsA
midiInGetErrorTextA

Sections

UPX0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

msvcrt

ole32

winmm

Sections

UPX0 Size: 52KB - Virtual size: 52KB

UPX1 Size: 32KB - Virtual size: 32KB

.rsrc Size: 72KB - Virtual size: 72KB

UPX0
Size: 52KB - Virtual size: 52KB

UPX1
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 72KB - Virtual size: 72KB