83235b002e77e5daf396eb185eeff100_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83235b002e77e5daf396eb185eeff100_JaffaCakes118
Size

418KB
MD5

83235b002e77e5daf396eb185eeff100
SHA1

49d962b27f5cbdc1b86bdbf35a116ca1f292a752
SHA256

fdb06ac2ffcf91a7e9b380ff528cad18dedda5a290f46d5dffee4ecfdc63b33b
SHA512

53a3a42c030ed91fca5b1cf7c7103280e03de8953e1bbe3a9c68f1303a07ecde08fde36d87abb85f52397dd99fcdbd4180d1fc627888fc19d99fec9c20473aeb
SSDEEP

12288:T0vEYTTTOzUKWMs8lF3K2dKhtCV2eIBY1:T0cRzN88l1KUKGs/BK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83235b002e77e5daf396eb185eeff100_JaffaCakes118

Files

83235b002e77e5daf396eb185eeff100_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetVersionExA
LoadLibraryA
LoadLibraryExA
OpenProcess
WriteProcessMemory
VirtualAlloc
VirtualFree
WriteFile

Sections

UPX0
Size: - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: - Virtual size:

UPX1 Size: 56KB - Virtual size: 56KB

.rsrc Size: 4KB - Virtual size: 8KB

.pe Size: 1024B - Virtual size: 4KB

.text Size: 137KB - Virtual size: 137KB

.data Size: 1KB - Virtual size: 38KB

.rsrc Size: 33KB - Virtual size: 32KB

.reloc Size: 6KB - Virtual size: 6KB

pebundle Size: 8KB - Virtual size: 8KB

.pe Size: 1024B - Virtual size: 4KB

.text Size: 116KB - Virtual size: 116KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 32KB - Virtual size: 32KB

.reloc Size: 6KB - Virtual size: 5KB

pebundle Size: 12KB - Virtual size: 8KB

UPX0
Size: - Virtual size:

UPX1
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 4KB - Virtual size: 8KB

.pe
Size: 1024B - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 1KB - Virtual size: 38KB

.rsrc
Size: 33KB - Virtual size: 32KB

.reloc
Size: 6KB - Virtual size: 6KB

pebundle
Size: 8KB - Virtual size: 8KB

.pe
Size: 1024B - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 116KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 32KB - Virtual size: 32KB

.reloc
Size: 6KB - Virtual size: 5KB

pebundle
Size: 12KB - Virtual size: 8KB