0aab654b5dd00fc611eda32848f85f6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0aab654b5dd00fc611eda32848f85f6f_JaffaCakes118
Size

339KB
MD5

0aab654b5dd00fc611eda32848f85f6f
SHA1

da319b79cbd1060c24e0d4d477b3778f4f60709e
SHA256

58482586994117956123ac55406257f421e31bd4ff75e286ceba6caa08102d4c
SHA512

e521b39141ba74d625129a81d71904ffd69bb7f02cebc49cfa9215f44d5561b7bf5651ba0db9b5244709844ca3c99eefe21b7500ed7018e7225b4909c60b5946
SSDEEP

6144:eI9cn13+ikMrt7zPnu6uvFhEXhTs8n/bFkFZ9jWv2jiJ4juiwUigH06W3W8Rbn:3W13+jwtvPnufhEXhTD/hezg27bH06Yr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0aab654b5dd00fc611eda32848f85f6f_JaffaCakes118

Files

0aab654b5dd00fc611eda32848f85f6f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d68f6b2c1bbdc9167801d45eb415f8bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetGetUserA

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

shell32

Shell_NotifyIconA

wininet

InternetReadFile

wsock32

WSACleanup

imagehlp

CheckSumMappedFile

winmm

waveOutWrite

avicap32

capCreateCaptureWindowA

msvfw32

DrawDibDraw

msacm32

acmFormatChooseA

Sections

CODE
Size: 325KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d68f6b2c1bbdc9167801d45eb415f8bc

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

mpr

version

gdi32

comctl32

shell32

wininet

wsock32

imagehlp

winmm

avicap32

msvfw32

msacm32

Sections

CODE Size: 325KB - Virtual size: 808KB

.rsrc Size: 8KB - Virtual size: 8KB

.UPX0 Size: 512B - Virtual size: 512B

.UPX1 Size: 3KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 540B

CODE
Size: 325KB - Virtual size: 808KB

.rsrc
Size: 8KB - Virtual size: 8KB

.UPX0
Size: 512B - Virtual size: 512B

.UPX1
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 540B