71c2ffeb0890d55907d22ff4c8d854d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71c2ffeb0890d55907d22ff4c8d854d5_JaffaCakes118
Size

594KB
MD5

71c2ffeb0890d55907d22ff4c8d854d5
SHA1

c41e1625d05eef882c70efea652c402d3f5716ae
SHA256

110396adc5bf3469fbacd3236137797964b810fcc5a97a5e47d50151fd6f5fee
SHA512

0b439083b09648e8a33bdd7a5c4f26c4891aa5558f11708efac61e07d59fa781a48561be37f7bc05fc0d109c334c0d9ea6e269490765b21f527b2531ff626d65
SSDEEP

6144:PUcgrW/thMQy9jpqPen0YkfwQG06/eR2xSSAGGGvFgzdp8cA4PcbGCXEw61jXVZ8:LgrW/thMN/cb+FQdp8cA4EbGCXTIj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71c2ffeb0890d55907d22ff4c8d854d5_JaffaCakes118

Files

71c2ffeb0890d55907d22ff4c8d854d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc89bdf50c998c7aa7606095759807a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetVersionExA
VirtualAlloc
IsBadWritePtr
FreeLibrary
CloseHandle
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
LCMapStringW
LCMapStringA
Sleep
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
WriteFile
PeekNamedPipe
GetFileInformationByHandle
IsBadCodePtr
IsBadReadPtr
HeapSize
ReadFile
SetUnhandledExceptionFilter
RaiseException
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileA
FindFirstFileA
InterlockedExchange
HeapReAlloc
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
VirtualFree
FreeEnvironmentStringsA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
GetCommandLineA
GetModuleFileNameA
GetEnvironmentVariableA
GetEnvironmentStringsW
HeapDestroy
HeapCreate
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetFileType
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
TlsSetValue
SetHandleCount
GetStdHandle
GetCurrentThreadId
TlsGetValue
TlsAlloc
SetLastError
GetLastError

gdi32

StretchDIBits
SetStretchBltMode
SetBrushOrgEx
SetDIBitsToDevice

pthreadvse

pthread_mutex_unlock
pthread_mutex_lock
pthread_create

user32

MessageBoxA
DispatchMessageA
TranslateMessage
GetMessageA
ShowWindow
MoveWindow
SetMenuItemInfoA
DrawMenuBar
SetWindowTextA
GetDlgItemTextA
GetDlgItemInt
EndDialog
SetDlgItemInt
BeginPaint
GetClientRect
EndPaint
InvalidateRect
DestroyWindow
UnregisterClassA
DefWindowProcA
DialogBoxParamA
PostQuitMessage
LoadImageA
LoadMenuA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetWindowRect
PostMessageA

ws2_32

Sections

UPX0
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cc89bdf50c998c7aa7606095759807a7

Headers

File Characteristics

Imports

kernel32

gdi32

pthreadvse

user32

ws2_32

Sections

UPX0 Size: 588KB - Virtual size: 588KB

.rsrc Size: 2KB - Virtual size: 4KB

.avc Size: 3KB - Virtual size: 4KB

UPX0
Size: 588KB - Virtual size: 588KB

.rsrc
Size: 2KB - Virtual size: 4KB

.avc
Size: 3KB - Virtual size: 4KB