8ef02d09eb202322825f288b76d4fc8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ef02d09eb202322825f288b76d4fc8e_JaffaCakes118
Size

99KB
MD5

8ef02d09eb202322825f288b76d4fc8e
SHA1

8b2984b50eb497b1c7a4b9c5b0c536283f6d8a9e
SHA256

aa66e187286aa76f7b48fa5bab459fa2b1a3523046368fd5734833f6123a2d4a
SHA512

7cfae42b6ab146c95c43f1de644c2b629925ff10a8e80fd16dc9279e1d68e0e2c0fa5dfb50455dcda5bd2217e729cd32f60e982364437361a6cf307abee75404
SSDEEP

3072:Wspyqm1+I7VMdDWYC8kB+KyirBFaF4bUu7MPNz437:FpyqA+I7CdDA8zmrBou7MFzE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/CS Public satedit.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CS Public satedit.dll
unpack001/CS Public satedit.exe

Files

8ef02d09eb202322825f288b76d4fc8e_JaffaCakes118
.rar
CS Public satedit.dll
.dll windows:5 windows x86 arch:x86

ce6e94427b9241323be221cfb753e2c5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Documents and Settings\Shaun\Desktop\CS Public v2\Release\CS Public v2.pdb

Imports

kernel32

GetModuleHandleA
VirtualProtect
CreateThread
GetProcAddress
Sleep
CreateFileW
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetTickCount
WriteConsoleW
GetStringTypeW
FlushFileBuffers
SetStdHandle
LoadLibraryW
HeapReAlloc
GetConsoleMode
GetConsoleCP
SetFilePointer
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
HeapAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
HeapSize
GetModuleHandleW
ExitProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
RtlUnwind
WideCharToMultiByte
CloseHandle
WriteFile
GetModuleFileNameW
HeapCreate
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
MultiByteToWideChar

user32

wsprintfA
GetAsyncKeyState
FindWindowA

gdi32

DeleteObject
SelectObject
GetTextExtentPointA
CreateFontA

opengl32

glDepthRange
glGetFloatv
glColor4f
glIsEnabled
glClearColor
glHint
wglUseFontBitmapsA
glGenLists
glPushAttrib
glListBase
wglGetCurrentDC
glPopAttrib
glCallLists
glRasterPos2i
glColor3f
glEnable
glColor4ub
glTexEnvi
glBlendFunc
glBegin
glDisable
glVertex2i
glEnd

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CS Public satedit.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Readme.txt
Settings.ini
by_updater.txt

Sharing

General

Malware Config

Signatures

Files

ce6e94427b9241323be221cfb753e2c5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

opengl32

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 7KB - Virtual size: 141KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 10KB - Virtual size: 9KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 84KB

UPX1 Size: 43KB - Virtual size: 44KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 7KB - Virtual size: 141KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 10KB - Virtual size: 9KB

UPX0
Size: - Virtual size: 84KB

UPX1
Size: 43KB - Virtual size: 44KB

.rsrc
Size: 1024B - Virtual size: 4KB