fe8af7fe0fe2d691bc143b00bd1a8332_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe8af7fe0fe2d691bc143b00bd1a8332_JaffaCakes118
Size

160KB
MD5

fe8af7fe0fe2d691bc143b00bd1a8332
SHA1

d19d64c5d0024c631af67a39bb4651c41efdf6bd
SHA256

856f5161907fabfe4e045e72675e100bb7d31c95db0394b96eaaf7bafa36970e
SHA512

fa82e6819fcc7671595b251de152eb965d157e4fc54502f1e7308dbcf20f73e3ce3d69b89c38750c2943eeff226d1c818b1be66acfc808904a82d313779102e6
SSDEEP

1536:2EY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:dY+4MiIkLZJNAQ9J6v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe8af7fe0fe2d691bc143b00bd1a8332_JaffaCakes118

Files

fe8af7fe0fe2d691bc143b00bd1a8332_JaffaCakes118
.exe windows:4 windows x86 arch:x86

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateMailslotW
GetTickCount
FreeConsole
TlsAlloc
CancelDeviceWakeupRequest
GetConsoleTitleW
SetCurrentDirectoryW
GetEnvironmentStrings
CreateNamedPipeA
OpenWaitableTimerW
CreateMailslotW
FindNextVolumeA
GetLocaleInfoW
GetFullPathNameW
FoldStringA
SetProcessAffinityMask
GetNumberFormatA
GlobalFindAtomW
AreFileApisANSI
HeapAlloc
LeaveCriticalSection
GetSystemInfo
GetProfileSectionA
RegisterWaitForSingleObjectEx
GetCommTimeouts
FindFirstVolumeA
CreateDirectoryExW
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
DisconnectNamedPipe
SetConsoleOutputCP
SetCalendarInfoA
ReadConsoleOutputW
CopyFileA
SetConsoleScreenBufferSize
OpenEventA
WaitCommEvent
SetThreadPriority
AssignProcessToJobObject
GetComputerNameW
GetNamedPipeInfo

mscms

CreateMultiProfileTransform
ConvertIndexToColorName
GetCMMInfo
DisassociateColorProfileFromDeviceW
SelectCMM
DisassociateColorProfileFromDeviceA
OpenColorProfileW
CreateProfileFromLogColorSpaceW
GetColorDirectoryW
CreateProfileFromLogColorSpaceA
RegisterCMMA
AssociateColorProfileWithDeviceA
OpenColorProfileA
GetColorProfileElement
InstallColorProfileW
GetPS2ColorRenderingDictionary
GetStandardColorSpaceProfileW
SetColorProfileElementReference
GetColorProfileFromHandle
GetStandardColorSpaceProfileA
UninstallColorProfileW
GetCountColorProfileElements
SetColorProfileHeader
CloseColorProfile
GetColorProfileHeader
TranslateBitmapBits
SetColorProfileElementSize

msvcrt

fputc
_wtoi
atol
isdigit
_wexecle
memcpy
_lrotr
bsearch
wcsncmp
_wgetenv
fputws
_wspawnlp
ungetwc
_wexecv
_tempnam
fwrite
isprint
free
_wspawnve
wcscoll
_wspawnlpe
wcsspn
_wexeclpe
fflush
strtok
_fgetwchar
_wgetdcwd
wcscmp
_vsnwprintf
_wremove
_flsbuf

ole32

CreateStreamOnHGlobal
CoRegisterPSClsid
HMENU_UserSize
CoCopyProxy
OleTranslateAccelerator
OleRun
CreateILockBytesOnHGlobal
StgIsStorageILockBytes

winmm

midiOutMessage
midiInGetDevCapsW
midiInStart
midiStreamPause
mciGetErrorStringW
mmioSetBuffer
waveOutClose
PlaySoundA
mixerGetDevCapsW
midiOutGetErrorTextW
waveOutGetErrorTextA
mmioDescend
mciGetDeviceIDFromElementIDA
waveInAddBuffer
mciGetYieldProc
joyGetThreshold
waveInUnprepareHeader
mixerGetLineInfoA
auxGetNumDevs
joySetCapture
midiStreamProperty
waveOutGetErrorTextW
mixerGetNumDevs
waveInStart
midiStreamClose
midiInClose
joyGetPosEx
waveOutGetID
waveOutPrepareHeader
waveInGetPosition
midiStreamStop
auxOutMessage
mciGetDeviceIDA
mixerGetDevCapsA
midiInGetErrorTextA

Sections

UPX0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

msvcrt

ole32

winmm

Sections

UPX0 Size: 52KB - Virtual size: 52KB

UPX1 Size: 32KB - Virtual size: 32KB

.rsrc Size: 72KB - Virtual size: 72KB

UPX0
Size: 52KB - Virtual size: 52KB

UPX1
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 72KB - Virtual size: 72KB