858589aefaa6cada497b5309e14ed3e5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

858589aefaa6cada497b5309e14ed3e5_JaffaCakes118
Size

721KB
MD5

858589aefaa6cada497b5309e14ed3e5
SHA1

6894605b963383558e16511e8685b9c4f1872fee
SHA256

69bad027e6521eb7405609cd77c5377f0c7d001e0f632aef680f434d61a2c4df
SHA512

b74bcfb47df8fbd5faab2b10bf767b38a3551c138486ed28c8b45be22af7fc2b461aee7c364fabc16b44081aa1bcd636c6789192dd70b2bf908c1b34efdd0ad8
SSDEEP

12288:u3UqwsYzKni3AtfFCgThoI5Ux2HEFP+3on8QlylfN8j0dzIQ7kacSdzB:uV1KKni3I9C2J5Ux2HEFP+3onLlylCjY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
858589aefaa6cada497b5309e14ed3e5_JaffaCakes118

Files

858589aefaa6cada497b5309e14ed3e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f19cfdb27601b3b726602a2fa2f3923c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetLastError
CreateEventA
GetFileAttributesA
GetDriveTypeA
GetLogicalDrives
CopyFileA
ExitProcess
WritePrivateProfileStructA
GetPrivateProfileStructA
GetShortPathNameA
lstrcmpA
GetSystemTimeAsFileTime
GetModuleHandleA
SetPriorityClass
ReleaseSemaphore
MultiByteToWideChar
RemoveDirectoryA
SystemTimeToFileTime
CreateSemaphoreA
SetEvent
GetACP
GlobalUnlock
GlobalLock
HeapDestroy
InterlockedIncrement
InterlockedDecrement
lstrlenW
FlushInstructionCache
GetCurrentThreadId
Sleep
CreateThread
WaitForSingleObject
CloseHandle
GetModuleFileNameA
FindResourceA
LoadResource
LockResource
MulDiv
GetTickCount
GlobalAlloc
GetFullPathNameA
FindNextFileA
lstrcpynA
TerminateThread
MoveFileA
CreateFileA
ReadFile
SetFilePointer
WriteFile
SetEndOfFile
LoadLibraryA
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateDirectoryA
FindFirstFileA
FindClose
CreateProcessA
lstrcmpiA
DeleteFileA
GetTempPathA
GetTempFileNameA
GetPrivateProfileIntA
SetCurrentDirectoryA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetSystemTime
lstrlenA
GlobalReAlloc
SetThreadPriority
UnhandledExceptionFilter
LCMapStringA
GetFileType
LCMapStringW
SetHandleCount
TerminateProcess
GetStdHandle
GetOEMCP
GetCPInfo
HeapFree
GetCommandLineA
GetStartupInfoA
GetVersion
RtlUnwind
VirtualAlloc
FreeEnvironmentStringsA
FreeEnvironmentStringsW
HeapAlloc
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
HeapReAlloc
IsBadWritePtr
GlobalFree
SetStdHandle
FlushFileBuffers
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
RaiseException

user32

GetClassInfoExA
GetWindowTextLengthA
GetSysColor
SetFocus
GetFocus
FillRect
RedrawWindow
GetClassNameA
CreateAcceleratorTableA
InvalidateRgn
KillTimer
GetMessageA
DispatchMessageA
MessageBoxA
SetCapture
ReleaseCapture
GetCursorPos
EnableWindow
EndDialog
LoadCursorA
SetCursor
SetWindowLongA
GetWindowLongA
DialogBoxParamA
ClientToScreen
RegisterClassExA
GetWindow
DefWindowProcA
CheckMenuItem
GetUpdateRect
BeginPaint
EndPaint
GetForegroundWindow
FindWindowA
SystemParametersInfoA
DrawIconEx
SetDlgItemInt
GetDC
GetWindowTextA
SetWindowTextA
GetWindowDC
ReleaseDC
DestroyWindow
GetDlgItem
GetWindowRect
ScreenToClient
SetWindowPos
InvalidateRect
SendMessageA
GetDlgItemTextA
DrawTextA
SetForegroundWindow
CreateDialogParamA
ShowWindow
DestroyCursor
CharPrevA
DestroyIcon
GetDlgItemInt
SetWindowRgn
wvsprintfA
GetClassInfoA
IsDlgButtonChecked
CheckRadioButton
LoadImageA
wsprintfA
CheckDlgButton
CreatePopupMenu
DestroyMenu
FindWindowExA
PostQuitMessage
IsWindowVisible
UpdateWindow
GetSystemMenu
InsertMenuA
GetMenuItemInfoA
RemoveMenu
InsertMenuItemA
GetAsyncKeyState
CreateWindowExA
LoadIconA
RegisterClassA
LoadStringA
LoadAcceleratorsA
SetClassLongA
SetCursorPos
IsWindow
GetSystemMetrics
LoadBitmapA
GetClientRect
IsChild
GetClassLongA
IsDialogMessageA
CharNextA
TranslateAcceleratorA
TranslateMessage
SendDlgItemMessageA
CallWindowProcA
GetParent
SetDlgItemTextA
PeekMessageA
PostMessageA
GetSubMenu
SetTimer
TrackPopupMenu
RegisterWindowMessageA
LoadMenuA

gdi32

DeleteDC
GetDIBits
SelectObject
CreateCompatibleDC
SetBkMode
SetTextColor
LineTo
MoveToEx
UpdateColors
RealizePalette
SelectPalette
BitBlt
CreateDIBSection
CreatePalette
GetDeviceCaps
CreateBrushIndirect
GetNearestColor
GetPixel
GetTextMetricsA
CreateFontA
CreateCompatibleBitmap
StretchBlt
ExtSelectClipRgn
Rectangle
IntersectClipRect
SetBkColor
GetStockObject
CreatePen
TextOutA
CreateRectRgn
CreatePolyPolygonRgn
CreateSolidBrush
DeleteObject
GetDIBColorTable

advapi32

RegSetValueExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegEnumKeyA

shell32

ShellExecuteA
Shell_NotifyIconA
DragQueryPoint
DragQueryFileA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
DragFinish

comctl32

ord17

ole32

OleLockRunning
CoTaskMemAlloc
StringFromCLSID
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
CoInitialize

winmm

mciSendCommandA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

oleaut32

SysStringLen
SysAllocStringLen
LoadRegTypeLi
SysAllocString
SysFreeString
VariantClear

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f19cfdb27601b3b726602a2fa2f3923c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

winmm

comdlg32

oleaut32

Sections

.text Size: 278KB - Virtual size: 278KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 30KB - Virtual size: 109KB

.rsrc Size: 293KB - Virtual size: 292KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 278KB - Virtual size: 278KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 30KB - Virtual size: 109KB

.rsrc
Size: 293KB - Virtual size: 292KB

.UPX0
Size: 104KB - Virtual size: 252KB