abda47c386d8b2e702f0acb565fc3589_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abda47c386d8b2e702f0acb565fc3589_JaffaCakes118
Size

1.1MB
MD5

abda47c386d8b2e702f0acb565fc3589
SHA1

73e9980561b4c02b054b63de92f644aab5855d48
SHA256

074cf1a32d8bb93fe44a07057815c0524d35051fbbb311c5f602c1454570a2d4
SHA512

a1ff64bfa22440334cfeae9aca37a7255d3f7aadb2a1ebda85bb3e9871e4260eb0b21efbbb27a50e622a9b22980bf9362a2071ec1839a27f259b1cdc07619f42
SSDEEP

24576:BhcHXuzFU2WC8JZv+RB9nyaDBlD7ttrjL3L32UYkzrrKj:XC+q2Wx2xNBZBRjPwkzXKj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/UUCall电话宝.exe	upx

Files

abda47c386d8b2e702f0acb565fc3589_JaffaCakes118
.rar
155绿色软件站.url
.url
UUCall电话宝.exe
.exe windows:5 windows x86 arch:x86

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c2:91:0c:8a:63:50:c4:01:88:3e:84:6b:0d:57:fc:e3
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

26/01/2011, 00:00

Not After

25/01/2014, 23:59

Subject

CN=Asia-Pacific Technology Group Co.Limited,OU=WoSign Class 3 Code Signing,O=Asia-Pacific Technology Group Co.Limited,L=hongkong,ST=hongkong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

bc:fe:07:cc:6e:00:70:75:07:ae:6c:5c:4b:95:cd:45:9b:30:3b:28
Signer

Actual PE Digest

bc:fe:07:cc:6e:00:70:75:07:ae:6c:5c:4b:95:cd:45:9b:30:3b:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

c2:91:0c:8a:63:50:c4:01:88:3e:84:6b:0d:57:fc:e3Certificate

Extended Key Usages

Key Usages

bc:fe:07:cc:6e:00:70:75:07:ae:6c:5c:4b:95:cd:45:9b:30:3b:28Signer

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.4MB

UPX1 Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 92KB - Virtual size: 92KB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

c2:91:0c:8a:63:50:c4:01:88:3e:84:6b:0d:57:fc:e3
Certificate

bc:fe:07:cc:6e:00:70:75:07:ae:6c:5c:4b:95:cd:45:9b:30:3b:28
Signer

UPX0
Size: - Virtual size: 3.4MB

UPX1
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 92KB - Virtual size: 92KB