Behavioral task: behavioral1
Sample: ac81befb1487460830dba4337f984e9c_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: ac81befb1487460830dba4337f984e9c_JaffaCakes118
Size: 1.4MB
MD5: ac81befb1487460830dba4337f984e9c
SHA1: 404c5075cab66f5fd2da52409b71431f54694695
SHA256: a780981f807cd7f6eedfb758f8e8347ea22f060f0e770fb4e21e0026e1b89e9b
SHA512: b215ff26c020de6e79c1aa5018ed6968f912a4b08b00020a8d31652362f1091883c5eaae81ddd95a854df9d069c329dc98f5d1b80ad4cb20abd206e999f6f10a
SSDEEP: 24576:d70yQerkycbdVNuvxUQSBcrDOjs9L2gzSFoDcs/nBhAJ6SmpseYRkn5iBD66lWp:h8ekycbtUxOgT9L2WHEJr4ZCu
Malware Config
Signatures
yara_rule: upx (resource: sample)
Unsigned PE (1 IoC): Checks for missing Authenticode signature. (resource: ac81befb1487460830dba4337f984e9c_JaffaCakes118)
Files
ac81befb1487460830dba4337f984e9c_JaffaCakes118.exe windows:4 windows x86 arch:x86
30f44e3d69d5d3cb02ce60f0c05658b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileSize
CreateFileA
lstrlenA
MultiByteToWideChar
SearchPathA
LoadResource
WideCharToMultiByte
lstrcmpiA
LoadLibraryA
GlobalAddAtomA
GlobalDeleteAtom
MulDiv
OpenFile
_lclose
_lwrite
GetTickCount
FreeLibrary
lstrcmpA
lstrcpyA
GlobalGetAtomNameA
LockResource
SetErrorMode
FreeResource
ReleaseMutex
FindResourceA
CloseHandle
lstrlenW
WaitForSingleObject
GetUserDefaultLangID
CreateMutexA
GetTempFileNameA
OpenMutexA
WinExec
GetFileAttributesA
GetTempPathA
FindFirstFileA
GetVersionExA
GetProcAddress
FindClose
GetLogicalDrives
GetDriveTypeA
lstrcatA
FileTimeToSystemTime
SetFilePointer
CreateDirectoryA
IsBadReadPtr
CopyFileA
_lopen
CompareStringW
GetLastError
WriteFile
GlobalLock
GlobalAlloc
GetSystemTimeAsFileTime
CompareStringA
FlushFileBuffers
SetConsoleCtrlHandler
SetStdHandle
CreateProcessA
GetExitCodeProcess
IsBadCodePtr
GetStringTypeA
GetFullPathNameA
RaiseException
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStringTypeW
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
GlobalFree
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
HeapAlloc
HeapFree
RtlUnwind
GetCurrentProcess
TerminateProcess
SetCurrentDirectoryA
SetEnvironmentVariableA
GlobalUnlock
GetStartupInfoA
GetCommandLineA
GetModuleFileNameA
GetProfileIntA
GetCurrentDirectoryA
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetFileTime
GetSystemTime
ReadFile
GetVolumeInformationA
SetUnhandledExceptionFilter
GetModuleHandleA
ExitProcess
SetEndOfFile
DeleteFileA
RemoveDirectoryA
FindNextFileA
MoveFileA
GlobalReAlloc
GlobalSize
SizeofResource
GetSystemDirectoryA
GetLogicalDriveStringsA
GetVersion
GetLocalTime
GetWindowsDirectoryA
WritePrivateProfileStringA
GetSystemInfo
GlobalHandle
_lread
_llseek
GetTimeZoneInformation
user32
TranslateMDISysAccel
IsClipboardFormatAvailable
GetMenu
SetCursor
LoadCursorA
ScreenToClient
CreateWindowExA
WindowFromPoint
GetCursorPos
EndPaint
BeginPaint
TranslateAcceleratorA
DestroyMenu
GetMessageA
LoadAcceleratorsA
DestroyWindow
SetForegroundWindow
BringWindowToTop
FindWindowA
RegisterWindowMessageA
IntersectRect
DrawMenuBar
GetKeyState
DefMDIChildProcA
GetLastActivePopup
GetParent
CreateDialogParamA
SetWindowTextA
GetClassNameA
DdeFreeStringHandle
CreatePopupMenu
MessageBoxA
ShowWindow
GetDlgItem
SetTimer
KillTimer
ModifyMenuA
RegisterClipboardFormatA
LoadMenuA
RegisterClassA
SetParent
DefWindowProcA
SetRectEmpty
InsertMenuA
GetMenuStringA
CreateMenu
RemoveMenu
CloseClipboard
OpenClipboard
ClientToScreen
SetScrollPos
ScrollWindow
SetScrollRange
InvalidateRgn
FrameRect
PtInRect
SetCapture
SetClipboardData
EmptyClipboard
GetClipboardData
IsRectEmpty
GetScrollPos
GetDlgCtrlID
CharUpperA
CharLowerA
InvertRect
GetWindowTextA
SetActiveWindow
GetActiveWindow
GetSystemMenu
GetDesktopWindow
GetDialogBaseUnits
GetCursor
wsprintfA
CharNextA
GetMenuItemID
GetFocus
GetTopWindow
SystemParametersInfoA
IsDialogMessageA
ShowCursor
RemovePropA
GetPropA
SetPropA
RedrawWindow
GetWindow
GetWindowPlacement
UnregisterClassA
EndDeferWindowPos
BeginDeferWindowPos
GetWindowDC
EnumWindows
OpenIcon
EnableMenuItem
CheckMenuItem
DdeUnaccessData
DdeCmpStringHandles
DdeAccessData
DdeNameService
DdeCreateStringHandleA
DdeInitializeA
DdeUninitialize
UpdateWindow
DrawTextA
GetCapture
ReleaseCapture
PostQuitMessage
DefFrameProcA
WinHelpA
GetSubMenu
AppendMenuA
GetMenuItemCount
GetMenuState
DeleteMenu
SetClassLongA
GetWindowTextLengthA
SetWindowLongA
AdjustWindowRectEx
SetWindowPos
MoveWindow
LoadStringA
CallWindowProcA
GetDC
ReleaseDC
FillRect
EnumChildWindows
SetWindowPlacement
AdjustWindowRect
OffsetRect
IsWindow
IsWindowVisible
IsIconic
GetWindowRect
MapWindowPoints
GetSystemMetrics
IsZoomed
MessageBeep
SetRect
TranslateMessage
DispatchMessageA
DefDlgProcA
LoadBitmapA
LoadIconA
DrawIcon
PeekMessageA
CheckDlgButton
SendMessageA
PostMessageA
GetClientRect
CopyRect
SetScrollInfo
GetSysColor
InflateRect
DrawFocusRect
IsWindowEnabled
GetWindowLongA
InvalidateRect
EndDialog
CheckRadioButton
GetNextDlgTabItem
TrackPopupMenu
ScrollWindowEx
SetDlgItemTextA
IsDlgButtonChecked
DialogBoxParamA
GetDlgItemTextA
EnableWindow
SendDlgItemMessageA
GetDlgItemInt
SetFocus
SetDlgItemInt
gdi32
CreateRectRgn
GetTextExtentPointA
CombineRgn
GetObjectA
SaveDC
UnrealizeObject
SetBrushOrgEx
SetBkColor
Escape
GetTextExtentPoint32A
DeleteMetaFile
PlayMetaFile
SetMetaFileBitsEx
ResetDCA
CreatePenIndirect
RoundRect
CreatePatternBrush
CreateMetaFileA
CreateCompatibleBitmap
BitBlt
RestoreDC
PatBlt
SetTextColor
CreateBitmap
GetTextMetricsA
SetBkMode
CreateFontIndirectA
CreateICA
Ellipse
CreateFontA
SetViewportOrgEx
SetViewportExtEx
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
RectVisible
StretchBlt
CreateBrushIndirect
GetClipBox
CreateDCA
GetBkColor
TextOutA
PolyPolyline
SetPixel
DeleteDC
SelectClipRgn
CreateDIBitmap
SetPixelV
DPtoLP
Polygon
SetROP2
GetPixel
Polyline
IntersectClipRect
LPtoDP
SetPaletteEntries
GetNearestPaletteIndex
UpdateColors
CreatePalette
SetDIBits
GetDIBits
CreateRectRgnIndirect
ExcludeClipRect
RealizePalette
GetPaletteEntries
MoveToEx
LineTo
SelectPalette
GetStockObject
SetMapMode
SetWindowExtEx
SetWindowOrgEx
SetStretchBltMode
StretchDIBits
CloseMetaFile
GetDeviceCaps
Rectangle
DeleteObject
SelectObject
CreateSolidBrush
CreateCompatibleDC
SetDIBitsToDevice
CreatePen
comdlg32
GetSaveFileNameA
ChooseColorA
ChooseFontA
CommDlgExtendedError
GetOpenFileNameA
PrintDlgA
shell32
DragFinish
ShellExecuteA
DragQueryFileA
DragAcceptFiles
ole32
WriteFmtUserTypeStg
OleCreateMenuDescriptor
CreateFileMoniker
CoDisconnectObject
OleBuildVersion
OleInitialize
OleSave
WriteClassStg
GetRunningObjectTable
CoGetMalloc
DoDragDrop
OleTranslateAccelerator
ReleaseStgMedium
RegisterDragDrop
RevokeDragDrop
CoLockObjectExternal
CreateDataAdviseHolder
OleRegEnumFormatEtc
CreateOleAdviseHolder
OleFlushClipboard
StgCreateDocfileOnILockBytes
OleDestroyMenuDescriptor
StgCreateDocfile
CreateILockBytesOnHGlobal
CoRegisterClassObject
CoRevokeClassObject
OleUninitialize
CoUninitialize
CoInitialize
CoCreateInstance
winmm
PlaySoundA
mciSendCommandA
mciSendStringA
avifil32
AVIFileCreateStreamA
AVIFileInit
AVIStreamLength
AVIStreamRead
AVIFileOpenA
AVIStreamOpenFromFileA
AVIStreamRelease
AVIStreamWrite
AVIMakeCompressedStream
AVIStreamSetFormat
AVIStreamReadFormat
AVIStreamInfoA
AVIStreamGetFrameClose
AVIStreamGetFrame
AVIStreamGetFrameOpen
AVIStreamFindSample
AVIFileExit
AVIFileRelease
msvfw32
ord2
comctl32
ord17
advapi32
RegQueryValueExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA
RegQueryValueA
RegCreateKeyA
RegSetValueA
RegOpenKeyExA
RegCloseKey
RegEnumValueA
RegCreateKeyExA
RegDeleteKeyA
oleaut32
SysStringLen
SysAllocStringLen
SysAllocString
SysFreeString
capdll32
_DoOrder
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
UPX0 Size: 144KB - Virtual size: 380KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE