Alloc
Call
Copy
Free
Get
Int64Op
Store
General
-
Target
40d7a3d23e6c40b65364ec978609a70f_JaffaCakes118
-
Size
1.1MB
-
MD5
40d7a3d23e6c40b65364ec978609a70f
-
SHA1
b380d69329bc7fcea0468ed2a8cb01d6c54930b3
-
SHA256
52cf6f701bbdd4d617cbc94f19af36c3b2712cf6d064d8eac5d40759b6b065fb
-
SHA512
1b4b8bde8857f502308a488a03569feef7496c583175357e19f49b7c9247f348f8e8e1938462b346101b1f048103a54ceea0f19ff15549b57b3f068c5a252496
-
SSDEEP
24576:4+Wqi4A+IrSYBY4rc1tOUa/sdJL2NjjVy8G9c+ilX2lxjQEc8H+WQWmRteGKAT:DiOrY5rctaEdMNY8cflOEce+WUkG1
Score
7/10
Malware Config
Signatures
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 9 IoCs
Checks for missing Authenticode signature.
-
NSIS installer 1 IoCs
Files
-
40d7a3d23e6c40b65364ec978609a70f_JaffaCakes118
Headers
Sections
-
$0/023.dat
-
$0/023v.dat
-
$0/023w7.dat
-
$0/AWF.cmd
-
$0/ActiveDrv.vbs
-
$0/AppDataFile.cfx
-
$0/AppDataFolder.cfx
-
$0/Assoc.cmd
-
$0/Auto-RC.cmd
-
$0/BFE.dat
-
$0/Boot-Rk.cmd
-
$0/Boot.bat
-
$0/BootDrv.vbs
-
$0/CF-Script.cmd
-
$0/Catch-sub.cmd
-
$0/Combo-Fix.sys
Headers
Sections
-
$0/ComboFix-Download.3XE
Headers
Sections
-
$0/Combobatch.bat
-
$0/Create.cmd
-
$0/Creg.dat
-
$0/CregC.cmd
-
$0/CregC.dat
-
$0/DPF.str
-
$0/DelClsid.bat
-
$0/DelClsid64.bat
-
$0/DesktopFile.cfx
-
$0/Dnl.dat
-
$0/DrvRun.vbs
-
$0/ERDNT.e_e
Headers
Sections
-
$0/ERDNTDOS.LOC
-
$0/ERDNTWIN.LOC
-
$0/ERUNT.3XE
Headers
Sections
-
$0/ERUNT.LOC
-
$0/Exe.reg
-
$0/FD-SV.cmd
-
$0/FIND3M.bat
-
$0/FIXLSP.bat
-
$0/FKMGen.cmd
-
$0/FavoriteFolder.cfx
-
$0/FavoritesFile.cfx
-
$0/FileKill.3XE
Headers
Sections
-
$0/Fin.dat
-
$0/GetHive.cmd
-
$0/Imefile.dat
-
$0/Install-RC.cmd
-
$0/Kill-All.cmd
-
$0/Ksvchost.vbs
-
$0/Lang.bat
-
$0/List-B.bat
-
$0/List-C.bat
-
$0/List-D.bat
-
$0/List.bat
-
$PLUGINSDIR/System.dll
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
Imports
Exports
Sections
-
$PLUGINSDIR/UserInfo.dll
afa8e526425f3585465337467d0b5909
Headers
Imports
Exports
Sections
-
out.upx
Headers
Sections