8c8f77a843aba5b1abf29d184969ff6a_JaffaCakes118

General

Target

8c8f77a843aba5b1abf29d184969ff6a_JaffaCakes118
Size

59KB
MD5

8c8f77a843aba5b1abf29d184969ff6a
SHA1

23348ae004c653d6110367fc0360dfc9bd0b0064
SHA256

3fca0e2da58c3a7cb5b882cbc90451635886bbc92be633007225b1b1db7b0286
SHA512

03e27043877baa23e0c04ed682612105da41d350e26aa4167e275856ecf59c41934c9b70609b2ff67775a64f2662e847654f45685fcdbe4d2848876e6918c62c
SSDEEP

1536:rEcHrEo6PETmc+4AXkOsmh6PuE7SP47XbkDsDGv3P1Hh:rEcwnP4ekXjZzgf1Hh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c8f77a843aba5b1abf29d184969ff6a_JaffaCakes118

Files

8c8f77a843aba5b1abf29d184969ff6a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

691c2554efa1dd27e86002af2b67ff93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateRemoteThread
WaitForSingleObject
CreateThread
CloseHandle
ExitThread
GetSystemDirectoryA
GlobalMemoryStatus
GetVersionExA
TerminateProcess
WriteProcessMemory
VirtualAllocEx
CreateEventA
GetProcAddress
GetModuleHandleA
CreateProcessA
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
OpenProcess
GetStartupInfoA
GetLastError
lstrlenA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
ResumeThread
WinExec

advapi32

DeleteService
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegSetValueExA
RegOpenKeyA
StartServiceA
CreateServiceA
StartServiceCtrlDispatcherA
RegOpenKeyExA
OpenServiceA

mfc42

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
malloc
free
srand
time
strncmp
exit
printf
strncpy
sprintf
strstr
strchr
atoi
__CxxFrameHandler
rand
_strcmpi

urlmon

URLDownloadToFileA

user32

wsprintfA

winmm

timeGetTime

ws2_32

Sections

UPX0
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

691c2554efa1dd27e86002af2b67ff93

Headers

File Characteristics

Imports

kernel32

advapi32

mfc42

msvcrt

urlmon

user32

winmm

ws2_32

Sections

UPX0 Size: 56KB - Virtual size: 56KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 56KB - Virtual size: 56KB

.avc
Size: 2KB - Virtual size: 4KB