2d816510c04e5fe03f86b2b3f6ef44aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d816510c04e5fe03f86b2b3f6ef44aa_JaffaCakes118
Size

160KB
MD5

2d816510c04e5fe03f86b2b3f6ef44aa
SHA1

06df091597fc12b86d03340c75805facc95cd678
SHA256

9f40c605ceecc8f1f2a86c2afc42e9c5293b2be56a58b5b4895bdca4f6d5e465
SHA512

9f800458fe131da8186173f98a7127b3718b054109996b7b3b9d312458953d5575b7d5f6bc651353598bb27476d6795eeba52b81f59cff7ee5269dcf10fbd35d
SSDEEP

1536:OEY+mFM2HXKZgi0Iksu+XM5/HtAQ9J6xph:FY+4MiIkLZJNAQ9J6v

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d816510c04e5fe03f86b2b3f6ef44aa_JaffaCakes118

Files

2d816510c04e5fe03f86b2b3f6ef44aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateMailslotW
GetTickCount
FreeConsole
TlsAlloc
CancelDeviceWakeupRequest
GetConsoleTitleW
SetCurrentDirectoryW
GetEnvironmentStrings
CreateNamedPipeA
OpenWaitableTimerW
CreateMailslotW
FindNextVolumeA
GetLocaleInfoW
GetFullPathNameW
FoldStringA
SetProcessAffinityMask
GetNumberFormatA
GlobalFindAtomW
AreFileApisANSI
HeapAlloc
LeaveCriticalSection
GetSystemInfo
GetProfileSectionA
RegisterWaitForSingleObjectEx
GetCommTimeouts
FindFirstVolumeA
CreateDirectoryExW
WritePrivateProfileSectionA
WriteConsoleOutputAttribute
DisconnectNamedPipe
SetConsoleOutputCP
SetCalendarInfoA
ReadConsoleOutputW
CopyFileA
SetConsoleScreenBufferSize
OpenEventA
WaitCommEvent
SetThreadPriority
AssignProcessToJobObject
GetComputerNameW
GetNamedPipeInfo

mscms

CreateMultiProfileTransform
ConvertIndexToColorName
GetCMMInfo
DisassociateColorProfileFromDeviceW
SelectCMM
DisassociateColorProfileFromDeviceA
OpenColorProfileW
CreateProfileFromLogColorSpaceW
GetColorDirectoryW
CreateProfileFromLogColorSpaceA
RegisterCMMA
AssociateColorProfileWithDeviceA
OpenColorProfileA
GetColorProfileElement
InstallColorProfileW
GetPS2ColorRenderingDictionary
GetStandardColorSpaceProfileW
SetColorProfileElementReference
GetColorProfileFromHandle
GetStandardColorSpaceProfileA
UninstallColorProfileW
GetCountColorProfileElements
SetColorProfileHeader
CloseColorProfile
GetColorProfileHeader
TranslateBitmapBits
SetColorProfileElementSize

msvcrt

fputc
_wtoi
atol
isdigit
_wexecle
memcpy
_lrotr
bsearch
wcsncmp
_wgetenv
fputws
_wspawnlp
ungetwc
_wexecv
_tempnam
fwrite
isprint
free
_wspawnve
wcscoll
_wspawnlpe
wcsspn
_wexeclpe
fflush
strtok
_fgetwchar
_wgetdcwd
wcscmp
_vsnwprintf
_wremove
_flsbuf

ole32

CreateStreamOnHGlobal
CoRegisterPSClsid
HMENU_UserSize
CoCopyProxy
OleTranslateAccelerator
OleRun
CreateILockBytesOnHGlobal
StgIsStorageILockBytes

winmm

midiOutMessage
midiInGetDevCapsW
midiInStart
midiStreamPause
mciGetErrorStringW
mmioSetBuffer
waveOutClose
PlaySoundA
mixerGetDevCapsW
midiOutGetErrorTextW
waveOutGetErrorTextA
mmioDescend
mciGetDeviceIDFromElementIDA
waveInAddBuffer
mciGetYieldProc
joyGetThreshold
waveInUnprepareHeader
mixerGetLineInfoA
auxGetNumDevs
joySetCapture
midiStreamProperty
waveOutGetErrorTextW
mixerGetNumDevs
waveInStart
midiStreamClose
midiInClose
joyGetPosEx
waveOutGetID
waveOutPrepareHeader
waveInGetPosition
midiStreamStop
auxOutMessage
mciGetDeviceIDA
mixerGetDevCapsA
midiInGetErrorTextA

Sections

UPX0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

303c1853d8b725edb72154f63d99b2d9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

msvcrt

ole32

winmm

Sections

UPX0 Size: 52KB - Virtual size: 52KB

UPX1 Size: 32KB - Virtual size: 32KB

.rsrc Size: 72KB - Virtual size: 72KB

UPX0
Size: 52KB - Virtual size: 52KB

UPX1
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 72KB - Virtual size: 72KB