a52a0c9fb1e9f4f95815a1ee2ab7aff2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a52a0c9fb1e9f4f95815a1ee2ab7aff2_JaffaCakes118
Size

175KB
MD5

a52a0c9fb1e9f4f95815a1ee2ab7aff2
SHA1

b7ecb0bafb61d0224795dd8fa9ee23bd45cf8c1c
SHA256

9fbceca23553f41a6f21fa7d0c58b78e0c992d1e6c1f45e5b77269fd770a486f
SHA512

2de7ad7a7e105b0fdf926779f0bb7e6a7cf5d374960a41cf92518747ff48d7a47797d9dbddeaeaddef7b7936e6cfe73484ab9354b41a4b3e91c3ad2ac17e0fcb
SSDEEP

3072:JeeChkt6SWeKqtw30oRhEVvJDTenV4g/t2uDSNuoRRL/y9UfzUWY5DxM:JzCit4elcihJnenDQwSN7yiODx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a52a0c9fb1e9f4f95815a1ee2ab7aff2_JaffaCakes118

Files

a52a0c9fb1e9f4f95815a1ee2ab7aff2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2ccf2c4cb8968f93fa5905c895fa465b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc71

ord265

msvcr71

__CppXcptFilter

kernel32

CreateRemoteThread
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetModuleFileNameA
ExitProcess

user32

SetWindowsHookExA
MessageBoxA

msvcp71

??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z

Exports

Exports

a234
a99
ua234

Sections

.text
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ccf2c4cb8968f93fa5905c895fa465b

Headers

File Characteristics

Imports

mfc71

msvcr71

kernel32

user32

msvcp71

Exports

Exports

Sections

.text Size: - Virtual size: 9KB

.rdata Size: - Virtual size: 3KB

.data Size: - Virtual size: 11KB

.tdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 808B

.UPX0 Size: - Virtual size: 2KB

.UPX1 Size: - Virtual size: 118KB

.UPX2 Size: 171KB - Virtual size: 171KB

.reloc Size: 512B - Virtual size: 188B

.text
Size: - Virtual size: 9KB

.rdata
Size: - Virtual size: 3KB

.data
Size: - Virtual size: 11KB

.tdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 808B

.UPX0
Size: - Virtual size: 2KB

.UPX1
Size: - Virtual size: 118KB

.UPX2
Size: 171KB - Virtual size: 171KB

.reloc
Size: 512B - Virtual size: 188B