3aa18c34048682c086f34b908561476f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3aa18c34048682c086f34b908561476f_JaffaCakes118
Size

176KB
MD5

3aa18c34048682c086f34b908561476f
SHA1

94ab3a3572ff7b041a0c9f7dc30b51d4c5c577c2
SHA256

cb2eab84b4cc85a4ab80006947700bba76e6dd46d20a1e753cd6fb6ff29467a1
SHA512

2d0384064646f60aeb25d5b710ce0f3c356d7ee230002c8c9320d8ff5b1f2a1657347740897be318d786f514fea03b9bac13a316e31161920fa4b40cf2615983
SSDEEP

3072:NX/4eI9RNZiOKCQp5hhPo9FBSWPHxNtOwJQIvllMgx0PJEw0Zck+xIy0FgCnf8Xp:5/zFbhiSWPHxDOwJQIvlKZPJSZhKIyiw

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aa18c34048682c086f34b908561476f_JaffaCakes118

Files

3aa18c34048682c086f34b908561476f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1042f249352088f5c8d4f8a3b1728f12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerLanguageNameA

kernel32

WinExec
GetDriveTypeA
DeleteFileA
GetVersionExA
GetModuleHandleA
GetSystemInfo
FindFirstFileA
IsDBCSLeadByte
GlobalFree
lstrlenA
lstrcpyA
FlushFileBuffers
GetModuleFileNameA
GetWindowsDirectoryA
SetFilePointer
WriteFile
GetLastError
GetTickCount
MulDiv
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
lstrcmpiA
GlobalHandle
GetUserDefaultLCID
FindResourceA
GetProfileStringA
SetErrorMode
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
FindClose
GetDiskFreeSpaceA
WritePrivateProfileStringA
LCMapStringW
HeapReAlloc
GetProcAddress
HeapAlloc
SetEnvironmentVariableA
VirtualAlloc
GetACP
CompareStringW
GetOEMCP
GetCPInfo
GetStringTypeW
CompareStringA
LCMapStringA
GetStringTypeA
SetStdHandle
MultiByteToWideChar
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
CreateDirectoryA

user32

DestroyWindow
EndDialog
DrawIcon
DialogBoxParamA
GetWindowPlacement
LoadIconA
DestroyIcon
SetRectEmpty
FillRect
LoadStringA
wsprintfA
PostQuitMessage
SetWindowTextA
GetDlgItem
InflateRect
SendMessageA
SetWindowLongA
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
GetWindowLongA
GetDC
ReleaseDC
LoadCursorA
GetClassInfoA
RegisterClassA
MoveWindow
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
PostMessageA
FindWindowA
SubtractRect
SetWindowPos
GetClassNameA
IntersectRect
EqualRect
GetWindow
ScreenToClient
GetClientRect
UpdateWindow
SetTimer
ShowWindow
IsWindow
RegisterWindowMessageA
CreateDialogParamA
GetParent
SendDlgItemMessageA
CharNextA
SetRect
GetSystemMetrics
GetSysColor
CreateWindowExA
DrawTextA

gdi32

RestoreDC
DeleteObject
CreateFontIndirectA
GetObjectA
SaveDC
LineTo
MoveToEx
CreatePen
ExtTextOutA
SetBkColor
SetTextColor
GetTextMetricsA
CreateSolidBrush
CreateDIBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
UnrealizeObject
DeleteDC
BitBlt
CreateCompatibleDC
SelectClipRgn
CreateRectRgn
GetStockObject
GetTextExtentPointA
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1042f249352088f5c8d4f8a3b1728f12

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

advapi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 3KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.UPX0
Size: 104KB - Virtual size: 252KB