5cc3d4ddddc6c9c4173425b3fef3c338_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5cc3d4ddddc6c9c4173425b3fef3c338_JaffaCakes118
Size

204KB
MD5

5cc3d4ddddc6c9c4173425b3fef3c338
SHA1

4914c61422f8bc5766fa085d7344ffba0a60475f
SHA256

a6a4a3640d02131496d9de1d9c386f1376eae97bcfed6e58f04bcfa95a864709
SHA512

8df5e8ccad86400356d8f15a64a77d2ad1a1510893eeec7ad99847d751b7faf2b12499e68d5b1480da88dd28bd3575efaea9933e78fe9093f661630c148c4729
SSDEEP

3072:iBiesh1lDF+i1fdhZjSzemJuo9HAvS+8fVYxv7fKXpGdaA7rmZeCvF+Yb2Ycy8kU:iaF+WhdWcv7C5Teazau8kZHIZxlJXCs

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cc3d4ddddc6c9c4173425b3fef3c338_JaffaCakes118

Files

5cc3d4ddddc6c9c4173425b3fef3c338_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4e86040d352b1a9efa37c2220e75d9d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

lstrcmpA
ReadFile
GetLastError
CreateFileA
IsValidCodePage
CloseHandle
WriteFile
SetFilePointer
FreeLibrary
GetProcAddress
GetSystemInfo
GetDiskFreeSpaceA
_lclose
OpenFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
lstrcatA
GetVersionExA
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
GlobalUnlock
GlobalFree
GetUserDefaultLCID
GetTickCount
DeleteFileA
GetModuleFileNameA
lstrcmpiA
ExpandEnvironmentStringsA
GetPrivateProfileIntA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrlenA
lstrcpyA
GlobalLock
VerLanguageNameA
GlobalAlloc
GetExitCodeProcess
GlobalHandle
CreateProcessA
LoadLibraryA
IsBadReadPtr
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadCodePtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
TerminateProcess
ExitProcess
RtlUnwind
LCMapStringA
LCMapStringW
SetStdHandle

user32

PostMessageA
SetTimer
LoadIconA
BeginPaint
KillTimer
PostQuitMessage
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
DefWindowProcA
DialogBoxParamA
ShowWindow
GetDlgItem
EndDialog
CharNextA
CreateDialogParamA
DestroyWindow
IsWindow
IsDialogMessageA
PeekMessageA
SendMessageA
SendDlgItemMessageA
ExitWindowsEx
MsgWaitForMultipleObjects
CharPrevA
LoadStringA
GetDlgItemTextA
EnableWindow
SetCursor
GetParent
GetSystemMetrics
GetClientRect
GetWindowTextLengthA
GetWindowTextA
GetDC
SetWindowTextA
GetWindowRect
DrawIcon
CreateWindowExA
EndPaint
DestroyIcon
LoadCursorA
RegisterClassA
GetWindowPlacement
MoveWindow
ReleaseDC

gdi32

GetTextExtentPointA
TranslateCharsetInfo
DeleteObject
GetObjectA
CreateFontIndirectA
GetStockObject

advapi32

RegEnumValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
FreeSid
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenThreadToken

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4e86040d352b1a9efa37c2220e75d9d1

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

version

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 20KB - Virtual size: 17KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 20KB - Virtual size: 17KB

.UPX0
Size: 104KB - Virtual size: 252KB