f914bf84261319b6d2b02b1fd44cab0b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f914bf84261319b6d2b02b1fd44cab0b_JaffaCakes118
Size

191KB
MD5

f914bf84261319b6d2b02b1fd44cab0b
SHA1

287ef27c78340b1f59f124f1df1b74dbec37c224
SHA256

435ef66878b633781de5ba7ad00adfc9fe3cb5f6a6fea695b9be8a6bd16ba33c
SHA512

acf9c0d1d5c33841c2aef29403963050654ea3d3d104bde93bd6159748fbdd20487748a5b38c7cc8c76c2d6fb47e36e0734c637c78d6807625764329e1a04d46
SSDEEP

3072:JJqAONCBb3nG1Yw5+vIz7V+WfVPAAAXRiD8BTIm8tv7:70NCBq1dAvA0cCBiD8JIvtz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f914bf84261319b6d2b02b1fd44cab0b_JaffaCakes118

Files

f914bf84261319b6d2b02b1fd44cab0b_JaffaCakes118
.exe windows:6 windows x86 arch:x86

3ee7a04da9cc1bed285fd907cf3baaa9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

net.pdb

Imports

advapi32

RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegEnumValueW
RegCloseKey

kernel32

SetThreadUILanguage
GetCPInfo
GetConsoleOutputCP
GetLastError
HeapSetInformation
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessW
GetSystemDirectoryW
GetDriveTypeW
GetProcAddress
FreeLibrary
InterlockedCompareExchange
LoadLibraryA
LocalAlloc
GetStdHandle
LoadLibraryW
WriteConsoleW
WideCharToMultiByte
WriteFile
FormatMessageW
LocalFree
SetLastError
GetModuleFileNameW
PeekConsoleInputW
GetConsoleMode
SetConsoleMode
ReadConsoleW
GetFileType
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
Sleep
InterlockedExchange
DelayLoadFailureHook
GetCommandLineW
GetConsoleScreenBufferInfo

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_amsg_exit
_initterm
_XcptFilter
_exit
_cexit
__getmainargs
wcsrchr
wcsncpy_s
wcsncmp
qsort
_ultow
wcspbrk
iswctype
_wcsupr
_wcsicmp
wcschr
wcscpy_s
wcscat_s
exit
sprintf_s
setlocale
_wcsnicmp
memset
_iob
_fileno
_setmode
free
_vsnwprintf_s
_snwprintf_s
putchar
malloc
wcsspn
wcscspn
calloc
wcsncat_s
_wcsdup
wcstok
_local_unwind4
memmove
_ultoa

netapi32

NetApiBufferFree
NetUseEnum
NetUseGetInfo
I_NetPathType
NetUserGetInfo
NetShareEnum
NetapipBufferAllocate
NetApiBufferAllocate
NetApiBufferReallocate
I_NetNameValidate
NetWkstaUserGetInfo
NetWkstaGetInfo
NetServerEnum
NetServerGetInfo

mpr

WNetAddConnection2W
WNetCancelConnection2W
WNetGetLastErrorW
WNetGetConnectionW
WNetOpenEnumW
WNetEnumResourceW
WNetCloseEnum

iphlpapi

GetCurrentThreadCompartmentId

ntdll

RtlAllocateHeap
RtlInitUnicodeString
RtlInitAnsiString
RtlOemStringToUnicodeString

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ee7a04da9cc1bed285fd907cf3baaa9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

netapi32

mpr

iphlpapi

ntdll

Sections

.text Size: 33KB - Virtual size: 33KB

.data Size: 7KB - Virtual size: 49KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

UPX0 Size: 144KB - Virtual size: 380KB

.text
Size: 33KB - Virtual size: 33KB

.data
Size: 7KB - Virtual size: 49KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB

UPX0
Size: 144KB - Virtual size: 380KB