672929a327e148bd50d2bc0c6d38bd1b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

672929a327e148bd50d2bc0c6d38bd1b_JaffaCakes118
Size

65KB
MD5

672929a327e148bd50d2bc0c6d38bd1b
SHA1

1323e92d34410bdfab8f57aac92cabb2e16adfb0
SHA256

b477c9253d3efda63f88378ca198ed51142c17d0364cf20f0c97dffabae5a548
SHA512

54728022573082e70a4c633bf9a116a060f0c3a4b55bb269039cd2e3afcaccadf3f5bfd21560985f7f376692acfdd8c16640faf874d23184f13bf28f2284eed7
SSDEEP

384:x7f2i4qIvpVpG9jO/b94nykTAX8eQJyaJhWJktnP:x7f2Pqgc+9vkMYyGIktP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
672929a327e148bd50d2bc0c6d38bd1b_JaffaCakes118

Files

672929a327e148bd50d2bc0c6d38bd1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

881f1d51693b9d6d74a414de1a8042e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetStartupInfoA
GetModuleHandleA
RemoveDirectoryA
CreateMutexA
GetLastError
DeleteFileA
CreateFileA
WriteFile
CloseHandle
GetVersionExA
LoadLibraryA
GetProcAddress
GetCurrentProcessId
FreeLibrary
GetModuleFileNameA
CreateDirectoryA
Sleep
GetSystemTimeAsFileTime
GetTickCount
MultiByteToWideChar
GetTempPathA

mfc42

msvcrt

__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_onexit
malloc
strstr
sprintf
__CxxFrameHandler
fclose
fwrite
fopen
atoi
strtok
strrchr
exit
__p___argv
__p___argc
rand
srand
time
_strupr
free
sscanf
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln

ole32

CoCreateInstance
OleUninitialize
OleInitialize

oleaut32

shell32

ShellExecuteA
SHGetSpecialFolderPathA

shlwapi

SHSetValueA
SHGetValueA
SHRegCloseUSKey
SHRegWriteUSValueA
SHRegOpenUSKeyA
SHRegQueryUSValueA
SHDeleteValueA
SHDeleteKeyA
SHRegCreateUSKeyA

user32

SetForegroundWindow
GetForegroundWindow
GetWindowTextA
GetCursorPos
PostQuitMessage
DefWindowProcA
wsprintfA
PostMessageA
FindWindowA
MessageBoxA
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
EnumWindows

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetGetConnectedState

Sections

UPX0
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

881f1d51693b9d6d74a414de1a8042e0

Headers

File Characteristics

Imports

kernel32

mfc42

msvcrt

ole32

oleaut32

shell32

shlwapi

user32

wininet

Sections

UPX0 Size: 60KB - Virtual size: 60KB

.rsrc Size: 1KB - Virtual size: 4KB

.avp Size: 2KB - Virtual size: 4KB

UPX0
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 1KB - Virtual size: 4KB

.avp
Size: 2KB - Virtual size: 4KB