4d7b573754f6f73b18fb977881ed8135_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d7b573754f6f73b18fb977881ed8135_JaffaCakes118
Size

891KB
MD5

4d7b573754f6f73b18fb977881ed8135
SHA1

d2c7758fa93133ff1638c6e04151b5aa3096645b
SHA256

f16d61b4bc06566cadc5ca45d0f3684dcdb8c5cffb9d96043ce2b6aad5e0fbfa
SHA512

23e4e3119d88624647680cb94ba670b9061152c660fa882361d6d677bbcda7349f3bd400f2847d458a8236146592b2e09f465a1685f8accb2c966516ef8ba00c
SSDEEP

12288:bhRgJx5oag/YmH/cZlWkjh87tKvRiBWdfbb0k479pRdUe2jBXyFKYDNJ6+6jfZhz:VRgP5Zg/YmvkAURREfVdUNXiBsz7BF3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/TOP-v5.0/Update.exe	upx
static1/unpack001/TOP-v5.0/top.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TOP-v5.0/Update.exe
unpack001/TOP-v5.0/top.exe

Files

4d7b573754f6f73b18fb977881ed8135_JaffaCakes118
.rar
TOP-v5.0/Data/checked.gif
.gif
TOP-v5.0/Data/lastunclose.htm
.html .js polyglot
TOP-v5.0/Data/unchecked.gif
.gif
TOP-v5.0/English.ini
TOP-v5.0/Groups/Flash.tgp
TOP-v5.0/Groups/交友.tgp
TOP-v5.0/Groups/体育.tgp
TOP-v5.0/Groups/信箱.tgp
TOP-v5.0/Groups/健康.tgp
TOP-v5.0/Groups/军事.tgp
TOP-v5.0/Groups/女性.tgp
TOP-v5.0/Groups/手机.tgp
TOP-v5.0/Groups/教程.tgp
TOP-v5.0/Groups/文学.tgp
TOP-v5.0/Groups/新闻.tgp
TOP-v5.0/Groups/游戏.tgp
TOP-v5.0/Groups/生活.tgp
TOP-v5.0/Groups/硬件.tgp
TOP-v5.0/Groups/社区.tgp
TOP-v5.0/Groups/网址导航.tgp
TOP-v5.0/Groups/聊天.tgp
TOP-v5.0/Groups/英语.tgp
TOP-v5.0/Groups/证券.tgp
TOP-v5.0/Groups/购物.tgp
TOP-v5.0/Groups/软件.tgp
TOP-v5.0/Groups/门户网站.tgp
TOP-v5.0/Groups/音乐.tgp
TOP-v5.0/Groups/ＩＴ.tgp
TOP-v5.0/Language.ini
TOP-v5.0/Readme.txt
TOP-v5.0/Update.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 624KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 235KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TOP-v5.0/top.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 609KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TOP-v5.0/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 624KB

UPX1 Size: 235KB - Virtual size: 236KB

.rsrc Size: 162KB - Virtual size: 164KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.9MB

UPX1 Size: 609KB - Virtual size: 612KB

.rsrc Size: 35KB - Virtual size: 36KB

UPX0
Size: - Virtual size: 624KB

UPX1
Size: 235KB - Virtual size: 236KB

.rsrc
Size: 162KB - Virtual size: 164KB

UPX0
Size: - Virtual size: 1.9MB

UPX1
Size: 609KB - Virtual size: 612KB

.rsrc
Size: 35KB - Virtual size: 36KB