a1f73610911d6e7e464d23b5e0fb7750_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a1f73610911d6e7e464d23b5e0fb7750_JaffaCakes118
Size

1.2MB
MD5

a1f73610911d6e7e464d23b5e0fb7750
SHA1

7810fba796f7ffa555c344ede5832b2a250540f1
SHA256

c6fe4aef8794a5c95e37e585518ebdee22473693c253b63e09d887d5e845a5aa
SHA512

009823752e718b8c5523772cf2bfb55b3cc33c9b872547feb372c30310a8839b8d4ee587bf4e2f4a3b70eb3210e480e46ec1eda038440be9e1e817be5481d75e
SSDEEP

24576:FAMUVjUJWJ1OI1ToSQATgLW8COdAMUVjUJWJ1OI1ToSQATgLW8COo:CZVIJKOIpokgLWZO6ZVIJKOIpokgLWZ9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack002/Perfect_Keylogger_1.68.2_2/i_bpk2007.exe	upx
static1/unpack001/Perfect_Keylogger_1.68.2_2/i_bpk2007.exe	upx

Unsigned PE 6 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Perfect_Keylogger_1.68.2_2/i_bpk2007.exe
unpack003/out.upx
unpack002/Perfect_Keylogger_1.68.2_2/keygen.exe
unpack001/Perfect_Keylogger_1.68.2_2/i_bpk2007.exe
unpack004/out.upx
unpack001/Perfect_Keylogger_1.68.2_2/keygen.exe

Files

a1f73610911d6e7e464d23b5e0fb7750_JaffaCakes118
.rar
Perfect_Keylogger_1.68.2_2/Perfect_Keylogger_1.68.2_2.rar
.rar
Perfect_Keylogger_1.68.2_2/i_bpk2007.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Perfect_Keylogger_1.68.2_2/keygen.exe
.exe windows:4 windows x86 arch:x86

db9081ac6ed626baeaacaa62e6d3514c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
SetWindowTextA
EndDialog
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
ReleaseCapture
SendMessageA

kernel32

GetEnvironmentStringsW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
ReadFile
IsBadCodePtr
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
IsBadReadPtr

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Perfect_Keylogger_1.68.2_2/i_bpk2007.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Perfect_Keylogger_1.68.2_2/keygen.exe
.exe windows:4 windows x86 arch:x86

db9081ac6ed626baeaacaa62e6d3514c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DialogBoxParamA
SetWindowTextA
EndDialog
GetDlgItemTextA
wsprintfA
SetDlgItemTextA
ReleaseCapture
SendMessageA

kernel32

GetEnvironmentStringsW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
SetStdHandle
ReadFile
IsBadCodePtr
MultiByteToWideChar
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
RaiseException
HeapFree
TerminateProcess
GetCurrentProcess
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetLastError
SetFilePointer
FlushFileBuffers
CloseHandle
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
IsBadReadPtr

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 56KB

UPX1 Size: 17KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 8KB

db9081ac6ed626baeaacaa62e6d3514c

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 472B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 56KB

UPX1 Size: 17KB - Virtual size: 20KB

.rsrc Size: 4KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 2KB - Virtual size: 4KB

.rsrc Size: 9KB - Virtual size: 8KB

db9081ac6ed626baeaacaa62e6d3514c

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 4KB - Virtual size: 472B

UPX0
Size: - Virtual size: 56KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 472B

UPX0
Size: - Virtual size: 56KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 9KB - Virtual size: 8KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 4KB - Virtual size: 472B