95da022e150d9b61e3e63ece56ba2970_JaffaCakes118

General

Target

95da022e150d9b61e3e63ece56ba2970_JaffaCakes118
Size

33KB
MD5

95da022e150d9b61e3e63ece56ba2970
SHA1

6082b7fca063c845c2633698ddf931221f8ac01d
SHA256

f199661967131306bd0c59526e1aeeaf618d329a94872288eef05188dbcce9ae
SHA512

04ac087ece489f8fc9f972a54b3e75b9e590f3e4e2b76fe4d6d14d9528cdae3ca788dfed7c63f8fabfbe99826f1512ad9a81800d77d14888498709fffe3b1c9b
SSDEEP

384:FbHYzP9jilLrwc0NwJCzHi+JCzihGdqnrjYBWIVGTzGdBR:pCP9jiVwc0AQHPJCKREG3G

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95da022e150d9b61e3e63ece56ba2970_JaffaCakes118

Files

95da022e150d9b61e3e63ece56ba2970_JaffaCakes118
.exe windows:4 windows x86 arch:x86

61820e77e1124a6154da2f2d5c552b6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
GetProcAddress
LoadLibraryA
FreeLibrary
LocalFree
MapViewOfFile
CloseHandle
GetWindowsDirectoryA
UnmapViewOfFile
GetModuleHandleA
GetVersion
CopyFileA
GetShortPathNameA
GetStartupInfoA
GetModuleFileNameA
lstrlenA
ReleaseMutex
GetLastError
CreateMutexA
GetSystemDirectoryA
GetTempPathA
GetVersionExA
GetPrivateProfileIntA
GetPrivateProfileStringA

advapi32

SetEntriesInAclA
SetSecurityInfo
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
GetSecurityInfo

mfc42

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
sprintf
fseek
ftell
_setmbcp
_strnicmp
__CxxFrameHandler
fclose
fwrite
fopen
memmove
_controlfp
free
strstr
fread
malloc

shell32

ShellExecuteA

user32

KillTimer
IsIconic
SendMessageA
GetClientRect
EnableWindow
GetWindowLongA
SetWindowLongA
MoveWindow
DrawIcon
LoadIconA
SetTimer
GetSystemMetrics

wininet

InternetOpenA
InternetReadFile
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA

Sections

UPX0
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

61820e77e1124a6154da2f2d5c552b6d

Headers

File Characteristics

Imports

kernel32

advapi32

mfc42

msvcrt

shell32

user32

wininet

Sections

UPX0 Size: 28KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.avc Size: 2KB - Virtual size: 4KB

UPX0
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.avc
Size: 2KB - Virtual size: 4KB