26d7ebea2a9f40d292236c4dfa2b0c15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26d7ebea2a9f40d292236c4dfa2b0c15_JaffaCakes118
Size

256KB
MD5

26d7ebea2a9f40d292236c4dfa2b0c15
SHA1

8064a5d96015f8f0ab5017a6c992c18842284e55
SHA256

819d0c3622da7422e5afdeb17dfc1534d8d6766360a88fe0e2a040e3dbc3bceb
SHA512

4f7c1dc2cca7e809a8517d189c1b0aac1cca62777a6e2cb6f81489e86eda5685ac71905451a376a9d2e9df10accc372c5c2297a8f205983e108f8ec5141ebd69
SSDEEP

6144:1zZSLGcUvjOjSLRChbfIWoHteCCCCa+8ZX7ZPZSQGt7Tf:JZSLGzqaSXoNndtBEHf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d7ebea2a9f40d292236c4dfa2b0c15_JaffaCakes118

Files

26d7ebea2a9f40d292236c4dfa2b0c15_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a38a9e753061cfd0359723477b26e96d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageA
GetDesktopWindow
EnableWindow
IsDlgButtonChecked
GetWindowRect
ScreenToClient
MoveWindow
SendMessageA
DestroyWindow
SetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
MessageBoxA
DefWindowProcA
PostQuitMessage
GetSystemMenu
RemoveMenu
CharToOemA
GetForegroundWindow
DialogBoxIndirectParamA
SetForegroundWindow
SendDlgItemMessageA
GetDlgItem
SetFocus
GetDlgItemTextA
EndDialog
SetDlgItemTextA
CheckDlgButton

comdlg32

GetOpenFileNameA

kernel32

SetConsoleCtrlHandler
HeapSize
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
FlushFileBuffers
InitializeCriticalSection
GetOEMCP
RtlUnwind
GetStringTypeW
GetStringTypeA
VirtualQuery
GetSystemInfo
VirtualProtect
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
HeapCreate
FindClose
FindFirstFileA
GetDiskFreeSpaceA
GetFullPathNameA
CompareStringA
lstrcpyA
GetDriveTypeA
lstrcatA
GetFileAttributesA
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetACP
lstrlenA
LocalFree
LocalHandle
GetModuleHandleA
LocalAlloc
Sleep
lstrcpynA
FreeLibrary
FindNextFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetTempFileNameA
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
GetStdHandle
CreateDirectoryA
SetFileAttributesA
CloseHandle
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
RemoveDirectoryA
MoveFileA
GetTempPathA
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
SetPriorityClass
GetCurrentProcess
GetLastError
SetFilePointer
GetFileType
ReadFile
HeapAlloc
WriteFile
HeapFree
HeapReAlloc
ExitThread
TlsSetValue
TlsGetValue
ResumeThread
CreateThread
DeleteFileA
GetCommandLineA
GetVersionExA
LCMapStringA
WideCharToMultiByte
LCMapStringW
TlsFree
SetLastError
GetCurrentThreadId
TlsAlloc
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
SetEndOfFile
ExitProcess
TerminateProcess
HeapDestroy

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a38a9e753061cfd0359723477b26e96d

Headers

File Characteristics

Imports

user32

comdlg32

kernel32

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 56KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 56KB

.UPX0
Size: 104KB - Virtual size: 252KB