314fdd98d4c1c8461ea124f6570abfc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

314fdd98d4c1c8461ea124f6570abfc1_JaffaCakes118
Size

563KB
MD5

314fdd98d4c1c8461ea124f6570abfc1
SHA1

9e1be2950d8dbcc6849d0555f0016dad501bc9da
SHA256

3b71f8c0db3ac8b99ae29e07684cea1814265cecb1ffd70eab94408a408f4d96
SHA512

0394329a5c96104585683aff70e6eee8d9072e97ea2249278f2dc8f31b38657cb6388c7c7b8f1784602434794720d40d2c2b9ea09ee4b37d76fd9f29ead6bff2
SSDEEP

12288:Mjum5uzD5IpHrtnoaPAOWY4RmgC18cFiHP:Mym5C5IlrdoaPEYUmwc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
314fdd98d4c1c8461ea124f6570abfc1_JaffaCakes118

Files

314fdd98d4c1c8461ea124f6570abfc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ede543ba7c9118ecb1239ffb6668a291

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetCommandLineA
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
TerminateProcess
HeapFree
ExitProcess
RtlUnwind
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
GetVolumeInformationA
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
MoveFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
GlobalFlags
SetLastError
FormatMessageA
LocalFree
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
EnterCriticalSection
LeaveCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
FindFirstFileA
FindNextFileA
GlobalAlloc
GlobalFree
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
CreateFileA
WriteFile
CloseHandle
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrlenW
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
Sleep
GetTickCount
SetErrorMode
GetSystemTime
DeleteFileA
GetEnvironmentVariableA
OpenMutexA
CreateMutexA
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetEnvironmentStrings
InterlockedExchange

advapi32

RegSetValueA
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegOpenKeyA
RegQueryValueA
RegCreateKeyExA
SetFileSecurityA
RegCreateKeyA
RegCloseKey
GetFileSecurityA

comctl32

ImageList_Draw
ImageList_GetImageInfo
ImageList_Destroy

comdlg32

GetSaveFileNameA
GetFileTitleA
GetOpenFileNameA

gdi32

CreateSolidBrush
CreateFontIndirectA
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
GetMapMode
GetBkColor
GetTextColor
CreateRectRgn
SelectClipRgn
IntersectClipRect
GetViewportExtEx
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
BitBlt
GetRgnBox
CreateCompatibleDC
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
Ellipse
LPtoDP
CreateEllipticRgn
GetTextExtentPoint32A
GetTextMetricsA
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleBitmap
CreateDIBSection
DeleteObject
GetObjectA
SelectObject
DeleteDC
GetWindowExtEx

gdiplus

GdipCreateBitmapFromHBITMAP
GdipCloneImage
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipDisposeImage

ole32

CoTaskMemAlloc
CoTaskMemFree
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
CoRegisterMessageFilter

oleaut32

oledlg

shell32

DragFinish
ExtractIconA
SHGetFileInfoA
DragQueryFileA

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionW
PathFindExtensionA
PathIsUNCA

user32

SetParent
WindowFromPoint
SetRect
GetSysColorBrush
GetMenuItemInfoA
InflateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMenuStringA
InsertMenuA
LoadCursorA
SetCapture
ClientToScreen
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
FindWindowA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
SendDlgItemMessageA
IsChild
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
MessageBoxA
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
RegisterClassA
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
RegisterWindowMessageA
wsprintfA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
GetClassInfoA
LockWindowUpdate
GetDCEx
PostThreadMessageA
MessageBeep
GetNextDlgGroupItem
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
InvalidateRect
UpdateWindow
IsIconic
InsertMenuItemA
InvalidateRgn
CopyAcceleratorTableA
CharNextA
DestroyIcon
DeleteMenu
RemovePropA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu
IntersectRect
OffsetRect
SetRectEmpty
CopyRect
BringWindowToTop
PostMessageA
SetMenu
ShowWindow
GetWindowLongA
IsWindow
GetDesktopWindow
GetWindow
IsWindowEnabled
SendMessageA
TranslateAcceleratorA
CharUpperA
GetLastActivePopup
KillTimer
SetTimer
UnregisterClassA
EnableWindow
GetWindowTextLengthA

wininet

HttpSendRequestA
HttpAddRequestHeadersA
InternetConnectA
HttpOpenRequestA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle
InternetOpenA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

ws2_32

Sections

UPX0
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ede543ba7c9118ecb1239ffb6668a291

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

comdlg32

gdi32

gdiplus

ole32

oleaut32

oledlg

shell32

shlwapi

user32

wininet

winspool.drv

ws2_32

Sections

UPX0 Size: 524KB - Virtual size: 524KB

.rsrc Size: 28KB - Virtual size: 52KB

.avc Size: 10KB - Virtual size: 12KB

UPX0
Size: 524KB - Virtual size: 524KB

.rsrc
Size: 28KB - Virtual size: 52KB

.avc
Size: 10KB - Virtual size: 12KB