02b1758bd8a6d44ee3d5698ca0fd84aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02b1758bd8a6d44ee3d5698ca0fd84aa_JaffaCakes118
Size

261KB
MD5

02b1758bd8a6d44ee3d5698ca0fd84aa
SHA1

f5b1a8bb2c459929bd5a7c13515702a9b86b7322
SHA256

89c2abf431939a96d46a4d4b633d070780d5a5c3c8c84345b650960e6f4451b5
SHA512

0164eec026faea0c56b399f4271b99b4a2f6f21334e9adcb7766aa9366d44f13bb4236e189d8a7e8e005fc437d15307262cf66d86da0b67b343ca5da2f6a7217
SSDEEP

6144:nmGaU1l8kxJDhLkwlFCA7h48H7ykxf1ANr:mKl8ktL7FCA7lH+7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b1758bd8a6d44ee3d5698ca0fd84aa_JaffaCakes118

Files

02b1758bd8a6d44ee3d5698ca0fd84aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8e48d482774cbd2ffb468593da07b11c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
lstrcmpA
GetProcAddress

user32

GetSystemMetrics
wsprintfW
CheckMenuItem
ShowCaret
TrackPopupMenu
FindWindowW
PostQuitMessage
WaitMessage
EndMenu
PostMessageW
GetMenuInfo
keybd_event
SetWindowTextW
LoadCursorA
SetCursor
GetDlgItemInt
GetCaretPos
EndDialog
CreateWindowExW
EnableWindow
GetDlgItemTextW
LoadIconW
GetMenuItemInfoW
SetDlgItemTextW
DestroyMenu
InsertMenuItemA
PostMessageA
ShowWindow
EnumClipboardFormats
WinHelpA
RegisterWindowMessageW
GetDesktopWindow
PeekMessageW
MonitorFromPoint
GetSysColor
GetKeyState
GetActiveWindow
GetDlgItemTextA
DefWindowProcW
DefWindowProcA
InvalidateRgn
GetDCEx
CreateDialogParamA
wvsprintfA
SetParent
GetMenuItemRect
PeekMessageA
UnregisterClassA

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

usp10

ScriptGetGlyphABCWidth
ScriptItemize
ScriptIsComplex
ScriptGetLogicalWidths

gdi32

GetMetaFileW
CreateColorSpaceA
CreatePalette
GetEnhMetaFileW
CreateBrushIndirect
ExtCreateRegion
CreateFontIndirectA
CreateDIBPatternBrushPt
UpdateICMRegKeyW
UpdateICMRegKeyA
CreateEllipticRgn
RemoveFontResourceExA

mycomput

DllCanUnloadNow

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: 3KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 84KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.icode
Size: 4KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 133KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 4KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e48d482774cbd2ffb468593da07b11c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

usp10

gdi32

mycomput

Sections

.text Size: 17KB - Virtual size: 17KB

.rdata Size: 3KB - Virtual size: 48KB

UPX0 Size: 3KB - Virtual size: 108KB

.edata Size: 84KB - Virtual size: 139KB

.icode Size: 4KB - Virtual size: 230KB

.data Size: 6KB - Virtual size: 258KB

.edata Size: 133KB - Virtual size: 177KB

.text Size: 4KB - Virtual size: 297KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 17KB - Virtual size: 17KB

.rdata
Size: 3KB - Virtual size: 48KB

UPX0
Size: 3KB - Virtual size: 108KB

.edata
Size: 84KB - Virtual size: 139KB

.icode
Size: 4KB - Virtual size: 230KB

.data
Size: 6KB - Virtual size: 258KB

.edata
Size: 133KB - Virtual size: 177KB

.text
Size: 4KB - Virtual size: 297KB

.rsrc
Size: 2KB - Virtual size: 2KB