b263f784775306aeaf89e779e4797cab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b263f784775306aeaf89e779e4797cab_JaffaCakes118
Size

1.4MB
MD5

b263f784775306aeaf89e779e4797cab
SHA1

e2d10fa1c7b2a7e8fd215e97dcf5f064a84d76df
SHA256

9ffd36ef6d9674ffdb3be0b1f1d7f6e2a6ebd158723d86a8d73d799b07c088be
SHA512

6f69ff77ac8a28daea2f3b77de8e0ba5c8b97e85a83909a3be3814c66adea0ee23d7541ec1828a5d8eb5de9add7c24709bcf84c35e90555239c14b8075426ba2
SSDEEP

24576:Dnc0xa+xDaWhzSenZncQfT0ExftQqDEunbIEzW+/m/rF7kc:Dn7VxWWhzSenZncQLVxft5DEub7zWYNc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b263f784775306aeaf89e779e4797cab_JaffaCakes118

Files

b263f784775306aeaf89e779e4797cab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetVersionExA
LoadLibraryA
LoadLibraryExA
OpenProcess
WriteProcessMemory
VirtualAlloc
VirtualFree
WriteFile

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 880KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8864948b624a33b260714f546b0b4009

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: - Virtual size: 36KB

UPX1 Size: 9KB - Virtual size: 12KB

.rsrc Size: 5KB - Virtual size: 8KB

.pe Size: 4KB - Virtual size: 4KB

.text Size: 880KB - Virtual size: 876KB

.data Size: 40KB - Virtual size: 38KB

.rsrc Size: 48KB - Virtual size: 45KB

.reloc Size: 64KB - Virtual size: 62KB

pebundle Size: 8KB - Virtual size: 8KB

.pe Size: 4KB - Virtual size: 4KB

.text Size: 228KB - Virtual size: 226KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 4KB - Virtual size: 952B

.reloc Size: 12KB - Virtual size: 10KB

pebundle Size: 8KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 5KB - Virtual size: 8KB

.pe
Size: 4KB - Virtual size: 4KB

.text
Size: 880KB - Virtual size: 876KB

.data
Size: 40KB - Virtual size: 38KB

.rsrc
Size: 48KB - Virtual size: 45KB

.reloc
Size: 64KB - Virtual size: 62KB

pebundle
Size: 8KB - Virtual size: 8KB

.pe
Size: 4KB - Virtual size: 4KB

.text
Size: 228KB - Virtual size: 226KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 952B

.reloc
Size: 12KB - Virtual size: 10KB

pebundle
Size: 8KB - Virtual size: 8KB