89c5074576863bcd2a91b6906446bcc3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89c5074576863bcd2a91b6906446bcc3_JaffaCakes118
Size

2.2MB
MD5

89c5074576863bcd2a91b6906446bcc3
SHA1

b0cb6d92144bc4c57a9e0fd437a5e8c8fb09d79c
SHA256

01cf59f120183004926f54362b587a52bc69c46d17af3683fb4e43dd9a542d2d
SHA512

d6cf9fc73bc5994414d882139de12276a2ae611277fd83d59a0051183310e73f89f6f1a50ffa7d0736eed1602f0422335a6a6da2f7bce34b1083ce51b70ea118
SSDEEP

49152:LH3J2PhRBfJW+FfNwrLaSrBPm0rMF/wIMynJdU450LTYck:LH3J2PhJlZYROf/wIMyI450XY9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
89c5074576863bcd2a91b6906446bcc3_JaffaCakes118
unpack001/out.upx

Files

89c5074576863bcd2a91b6906446bcc3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$11TTrayIconXP
@$xp$14TProgressBarMy
@$xp$17TPerformanceGraph
@@Download@Finalize
@@Download@Initialize
@@Frame3@Finalize
@@Frame3@Initialize
@@Frame@Finalize
@@Frame@Initialize
@@Help@Finalize
@@Help@Initialize
@@Inet@Finalize
@@Inet@Initialize
@@Inetdown@Finalize
@@Inetdown@Initialize
@@Install@Finalize
@@Install@Initialize
@@Loadform@Finalize
@@Loadform@Initialize
@@Main@Finalize
@@Main@Initialize
@@Media@Finalize
@@Media@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Pmode@Finalize
@@Pmode@Initialize
@@Privacyframe@Finalize
@@Privacyframe@Initialize
@@Progressbar1@Finalize
@@Progressbar1@Initialize
@@Promo@Finalize
@@Promo@Initialize
@@Run@Finalize
@@Run@Initialize
@@Scan@Finalize
@@Scan@Initialize
@@Settings@Finalize
@@Settings@Initialize
@@Ssdt@Finalize
@@Ssdt@Initialize
@@Sysinfo@Finalize
@@Sysinfo@Initialize
@@Trayicon@Finalize
@@Trayicon@Initialize
@@Trayiconxp@Finalize
@@Trayiconxp@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit7@Finalize
@@Unit7@Initialize
@@Unitform1@Finalize
@@Unitform1@Initialize
@@User@Finalize
@@User@Initialize
@@Utils@Finalize
@@Utils@Initialize
@@Utilsunit@Finalize
@@Utilsunit@Initialize
@@Warninig@Finalize
@@Warninig@Initialize
@@Www@Finalize
@@Www@Initialize
@Progressbar1@Register$qqrv
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@FirstY$qqrv
@TPerformanceGraph@GetBandCount$qqrv
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@LastY$qqri
@TPerformanceGraph@NextY$qqri
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@RoundUp$qqrll
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@ShiftY$qqrv
@TPerformanceGraph@Update$qqrv
@TProgressBarMy@
@TProgressBarMy@$bctr$qqrp18Classes@TComponent
@TProgressBarMy@PaintTo$qqrp5HDC__ii
@TTrayIconXP@
@TTrayIconXP@$bctr$qqrp18Classes@TComponent
@Trayiconxp@Register$qqrv
_Form1
_Form10
_Form2
_Form3
_Form4
_Form5
_Form6
_Form7
_Form8
_Form9
_Frame2
_InetFrame
_InstallForm
_LicFrame
_MainFrame
_MediaFrame
_PrivacyFr
_PromoForm
_ScanForm
_SysInfoFrame
_UtilsFrame
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.5MB

UPX1 Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 108KB - Virtual size: 112KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.data Size: 146KB - Virtual size: 192KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 31KB - Virtual size: 32KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2.1MB - Virtual size: 2.1MB

.reloc Size: 159KB - Virtual size: 160KB

UPX0
Size: - Virtual size: 2.5MB

UPX1
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 108KB - Virtual size: 112KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 146KB - Virtual size: 192KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 31KB - Virtual size: 32KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

.reloc
Size: 159KB - Virtual size: 160KB