fc9aece91222ef190fe2e273f26ec9a7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc9aece91222ef190fe2e273f26ec9a7_JaffaCakes118
Size

575KB
MD5

fc9aece91222ef190fe2e273f26ec9a7
SHA1

9b3d87e14af0fa5e27c8aadb8f88f5a8f117c924
SHA256

d3fc63bb088b2270e7524ed991d4224726fba8f25a8a05007335b617b3508f9d
SHA512

fc4f0d8b52ad82f687c73a1e87609d506baea3d3aebb2984bd584582f438b303cf747fc99da566fbcac5cc91e5f8f006256e3769eeee62cc78ed73bc99a6a92f
SSDEEP

6144:APLqaPIWQUaVAnTBK0Vp6jkusfTrGljHAQu2CZ8XNOkhvKpYkzH0TxxJwf2/Wx6J:3R+sAnTB3VmBiTriAn89fhypvqu21aL2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/美食大战老鼠小迪辅助2.4.exe	upx

Files

fc9aece91222ef190fe2e273f26ec9a7_JaffaCakes118
.rar
美食大战老鼠小迪辅助2.4.exe
.exe windows:4 windows x86 arch:x86

Code Sign

52:d7:c6:c0:79:b4:e6:4f:b7:bb:16:b1:cb:0a:67:82
Certificate

Issuer

CN=Indigo Rose Software Design Corporation,OU=Security Labs,O=Indigo Rose Software Design Corporation,L=Indigo,ST=Indigo,C=CN

Not Before

31/01/2015, 16:00

Not After

31/01/2025, 16:00

Subject

CN=Indigo Rose Software Design Corporation,OU=Security Labs,O=Indigo Rose Software Design Corporation,L=Indigo,ST=Indigo,C=CN

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2024, 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08/08/2009, 01:00

Not After

08/08/2039, 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:2c:ec:bb:b5:41:65:1f:02:b5:ef:89:57:b8:a6:ad:34:92:98:34
Signer

Actual PE Digest

2f:2c:ec:bb:b5:41:65:1f:02:b5:ef:89:57:b8:a6:ad:34:92:98:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 564KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

52:d7:c6:c0:79:b4:e6:4f:b7:bb:16:b1:cb:0a:67:82Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4cCertificate

Extended Key Usages

Key Usages

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91Certificate

Key Usages

2f:2c:ec:bb:b5:41:65:1f:02:b5:ef:89:57:b8:a6:ad:34:92:98:34Signer

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.2MB

UPX1 Size: 564KB - Virtual size: 568KB

.rsrc Size: 70KB - Virtual size: 72KB

52:d7:c6:c0:79:b4:e6:4f:b7:bb:16:b1:cb:0a:67:82
Certificate

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

2f:2c:ec:bb:b5:41:65:1f:02:b5:ef:89:57:b8:a6:ad:34:92:98:34
Signer

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 564KB - Virtual size: 568KB

.rsrc
Size: 70KB - Virtual size: 72KB