2c845bfd175283a54146e0a1d86aa506_JaffaCakes118

General

Target

2c845bfd175283a54146e0a1d86aa506_JaffaCakes118
Size

59KB
MD5

2c845bfd175283a54146e0a1d86aa506
SHA1

3d00298b77da7d764efb9a47cb49386d4864c522
SHA256

2129baf779482a80650e832cac860353a3870f030dad664287ad2244ebaccb27
SHA512

2cdd55964e896519522b216b23f867d6ff6d7dfa028e6d68a3da1e0b2baf17fe61db83592733eb743b67d08cbd488dffa9b7ee29856970b21dc19bd86842c85c
SSDEEP

1536:2gUPEgWJYToMoNvqXCf/Lja3jNTT06Rvx:gE/JBgXCLcNZRvx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c845bfd175283a54146e0a1d86aa506_JaffaCakes118

Files

2c845bfd175283a54146e0a1d86aa506_JaffaCakes118
.dll windows:4 windows x86 arch:x86

aae9b0d3f6be9d1797c6ddd3d2b94a91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreatePipe
DeleteFileA
GetSystemDirectoryA
FindClose
FindFirstFileA
WriteFile
CreateFileA
GetStartupInfoA
SetFilePointer
WideCharToMultiByte
MultiByteToWideChar
ExitThread
GetLastError
CreateMutexA
CreateThread
CreateProcessA
WaitForSingleObject
CloseHandle
Sleep
ReadFile
GetSystemInfo
VirtualProtect
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetVersionExA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
EnterCriticalSection
LeaveCriticalSection
GetACP
GetOEMCP
GetCPInfo
VirtualAlloc
HeapReAlloc
InitializeCriticalSection
SetStdHandle
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Sections

UPX0
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aae9b0d3f6be9d1797c6ddd3d2b94a91

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

urlmon

wininet

Sections

UPX0 Size: 56KB - Virtual size: 56KB

.avp Size: 2KB - Virtual size: 4KB

UPX0
Size: 56KB - Virtual size: 56KB

.avp
Size: 2KB - Virtual size: 4KB