4086af48c7c32e4804e3528cd3dc9e4f_JaffaCakes118

General

Target

4086af48c7c32e4804e3528cd3dc9e4f_JaffaCakes118
Size

33KB
MD5

4086af48c7c32e4804e3528cd3dc9e4f
SHA1

2886af15a2b851ed9c96887afeeb1ff5a7cb1f55
SHA256

f7981c959b33dc39604d7516b531dab8fc6241914a900edbb469d4ec700d5c0d
SHA512

a4802f963d108bd49e38c98917b0e4eaad49cbe01f756faad024db5aa7ea80a1b76a47c6453906a359ae42e6bbd79c5fded69a8c92402861297a8227ca737bc2
SSDEEP

384:Lrh8A1OC+qfpYqOFcd/tGVw37CybISkT5Mq/MDSEP+:nb1QqcFs/IVwr70SkF9evP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4086af48c7c32e4804e3528cd3dc9e4f_JaffaCakes118

Files

4086af48c7c32e4804e3528cd3dc9e4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

28229dc8881385f0a686a0a1179f1778

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
__vbaVarSub
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaStrVarMove
__vbaLateIdCall
__vbaLenBstr
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
__vbaLineInputVar
_adj_fprem1
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaVarTstEq
__vbaObjVar
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
__vbaVarSetVar
__vbaI4Var
__vbaLateMemCall
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
_CIatan
__vbaStrMove
__vbaAryCopy
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

UPX0
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

28229dc8881385f0a686a0a1179f1778

Headers

File Characteristics

Imports

msvbvm60

Sections

UPX0 Size: 28KB - Virtual size: 28KB

.rsrc Size: 2KB - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 2KB - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB