2ed5693af560ad28a1db8f2ab28fd134_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ed5693af560ad28a1db8f2ab28fd134_JaffaCakes118
Size

163KB
MD5

2ed5693af560ad28a1db8f2ab28fd134
SHA1

cb3fc9e4c1fa9413c60357d67119b6d0b05d9706
SHA256

970c76f06eadf5f1d23561e0d3d4cb643d535e1c5588e387f57a4144a585e31b
SHA512

6354cecbcfc8ad983d0b026c852999fc72c3f0c9bbbd0af864a8563a828dd4b97b3737ee8dc6a68a4e8c8859bdf56aeb83952a0f17331f9ca948dd7efd524752
SSDEEP

3072:JHqi4jFi4dk8RQISHj2heVwtCxPnl/9JqYOCOrEfl8QJhs3ZnF86tbjA3:JKi4jNW8bSDXVDxflHqYwIfli3ZJjA

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed5693af560ad28a1db8f2ab28fd134_JaffaCakes118

Files

2ed5693af560ad28a1db8f2ab28fd134_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1dfae029d9e1c544675efbc33acdcbd2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71

ord5213

msvcr71

time

kernel32

VirtualQueryEx
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

UnhookWindowsHookEx
MessageBoxA

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

Exports

Exports

a234
a99
ua234

Sections

.text
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.UPX1
Size: - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1dfae029d9e1c544675efbc33acdcbd2

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

msvcp71

Exports

Exports

Sections

.text Size: - Virtual size: 9KB

.rdata Size: - Virtual size: 3KB

.data Size: - Virtual size: 11KB

.tdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 808B

.UPX0 Size: - Virtual size: 2KB

.UPX1 Size: - Virtual size: 113KB

.UPX2 Size: 159KB - Virtual size: 159KB

.reloc Size: 512B - Virtual size: 68B

.text
Size: - Virtual size: 9KB

.rdata
Size: - Virtual size: 3KB

.data
Size: - Virtual size: 11KB

.tdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 808B

.UPX0
Size: - Virtual size: 2KB

.UPX1
Size: - Virtual size: 113KB

.UPX2
Size: 159KB - Virtual size: 159KB

.reloc
Size: 512B - Virtual size: 68B