959736ae4d35da6cd6d89565ecc18f87_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

959736ae4d35da6cd6d89565ecc18f87_JaffaCakes118
Size

432KB
MD5

959736ae4d35da6cd6d89565ecc18f87
SHA1

5eb7652b39da867b268cc12d656fba0901f4f7fe
SHA256

78740cf71a8d11147ea73840d82d9118651f3afcf8754fefb117439263387571
SHA512

4957975f0c9c9c7aa0c050bd93fceb71d2a29810432aa7cd905c33a952e6b3c558391951ce328ce934cf6b90d563a079d29e65137af4267ecf18592fd87aeac3
SSDEEP

6144:+HohieTIasHguhOC+9R0Rj0kUpwbchVaiDvg65XqVx25rQhxb1H3:/hieUasHguhOC+0p6LnvbB9VQh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
959736ae4d35da6cd6d89565ecc18f87_JaffaCakes118

Files

959736ae4d35da6cd6d89565ecc18f87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1dfe864c44e967b8e6576c39fc7abfac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
EnterCriticalSection
GetFileAttributesA
RtlUnwind
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetStartupInfoA
GetVersion
ExitProcess
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
InitializeCriticalSection
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetTempPathA
lstrlenW
lstrcpyW
IsDBCSLeadByte
GetModuleHandleA
GetVersionExA
CreateProcessA
SetThreadPriority
ResumeThread
WaitForSingleObject
GetStdHandle
GetHandleInformation
GetCommandLineA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
DeleteFileA
GetFileType
GetFileSize
Sleep
LocalAlloc
LocalFree
OutputDebugStringA
CreateThread
GetThreadLocale
FormatMessageA
FreeLibrary
LoadLibraryA
GetProcAddress
CreateFileA
SetFilePointer
ReadFile
WriteFile
FlushFileBuffers
LeaveCriticalSection
DeleteCriticalSection
GetLastError

user32

ReleaseDC
SendMessageA
SetFocus
GetDC
GetParent
DefWindowProcA
EndPaint
DestroyCursor
wsprintfA
GetScrollInfo
GetScrollRange
ScrollWindow
UpdateWindow
GetClassInfoExA
RegisterClassExA
GetWindowLongA
SetWindowLongA
SetMenuItemInfoA
CreateWindowExA
GetMenuItemInfoA
CopyRect
LoadMenuA
ShowWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetRect
LoadIconA
GetMenu
PostQuitMessage
MoveWindow
DestroyWindow
GetScrollPos
GetMenuItemCount
CheckMenuItem
GetMenuItemID
GetWindowRect
SetWindowTextA
GetSubMenu
EnableMenuItem
MessageBoxA
GetDesktopWindow
UnionRect
IntersectRect
GetSysColor
FillRect
ClientToScreen
ScreenToClient
PtInRect
LoadStringA
GetSystemMetrics
SetScrollPos
PostMessageA
EnableScrollBar
SetScrollInfo
BeginPaint
LoadCursorA
SetCursor
GetClientRect
InvalidateRect

gdi32

DeleteObject
AddFontResourceA
CreateScalableFontResourceA
RemoveFontResourceA
GetObjectA
GetBkColor
RestoreDC
SaveDC
CombineTransform
SetWorldTransform
CreateDIBitmap
MaskBlt
ExtCreatePen
StrokePath
FillPath
CreateHatchBrush
SetBrushOrgEx
PolyBezier
Arc
Polyline
Ellipse
Polygon
Pie
Chord
SetPixel
ExtTextOutW
ExtTextOutA
GetMapMode
SetPolyFillMode
GetCurrentObject
GetViewportExtEx
CreateBitmap
BeginPath
TextOutW
EndPath
CreatePen
CreatePatternBrush
StrokeAndFillPath
GetTextColor
BitBlt
GetTextMetricsW
GetTextExtentPoint32W
GetGlyphOutlineW
GetTextMetricsA
GetGlyphOutlineA
StretchDIBits
CreatePenIndirect
CreateFontIndirectW
ExtCreateRegion
CreateRectRgnIndirect
CombineRgn
SetRectRgn
LPtoDP
IntersectClipRect
SetROP2
SetBkColor
SetTextColor
CreateBrushIndirect
CreateDIBPatternBrushPt
DeleteDC
SetWindowExtEx
SetViewportExtEx
CreateDIBSection
SetStretchBltMode
SetGraphicsMode
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
PatBlt
SetBoundsRect
AbortDoc
Rectangle
DPtoLP
GdiFlush
GetWindowOrgEx
GetWindowExtEx
StretchBlt
CreateFontIndirectA
GetTextExtentPoint32A
CreateSolidBrush
SelectObject
CreateFontA
CreateRectRgn
SelectClipRgn
GetStockObject
FillRgn
MoveToEx
LineTo
SetTextAlign
SetBkMode
TextOutA
GetDeviceCaps
CreateHalftonePalette
SelectPalette
RealizePalette
UnrealizeObject
UpdateColors
CreateCompatibleDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter
GetPrinterDriverDirectoryA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

DragAcceptFiles
DragQueryFileA
ShellExecuteA
DragFinish

winmm

timeGetTime

comctl32

ord6
ord8
CreateToolbarEx
ord17

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 108KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1dfe864c44e967b8e6576c39fc7abfac

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

comdlg32

shell32

winmm

comctl32

Sections

.text Size: 244KB - Virtual size: 240KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 28KB - Virtual size: 30KB

.rsrc Size: 4KB - Virtual size: 2KB

.UPX0 Size: 108KB - Virtual size: 260KB

.text
Size: 244KB - Virtual size: 240KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 28KB - Virtual size: 30KB

.rsrc
Size: 4KB - Virtual size: 2KB

.UPX0
Size: 108KB - Virtual size: 260KB