b3c3cf4aff8656f0f9bd1510e941cee2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b3c3cf4aff8656f0f9bd1510e941cee2_JaffaCakes118
Size

4.3MB
MD5

b3c3cf4aff8656f0f9bd1510e941cee2
SHA1

2bdc8cacb63ed1c80d715572147640fdc838b3f7
SHA256

d90a086a36669ccebf2ba4d8771e721ef4de52525c6c2e4c63c4ab38b520337c
SHA512

dfeb58b1e22c7b881670d6dd7c17eb314118447bd517397560bc2e7a382523a70907682c63aa8e47110a0e36061e8df211ab893b913a463a9a9286ae69b9fb3d
SSDEEP

98304:NYgQU0HWEnoMQ/H/HT4FoEWChTxHv4MdBQvFc+hbvFzM1U3hvMX5+ZAJ86FhBoJ6:NdQLOMQ3UFoEWsTa+QF1vJ/C+wDBck

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/docs/help.exe	upx
static1/unpack001/interface.dll	upx
static1/unpack001/tools/KeyCreator.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/docs/help.exe
unpack001/eBookMaker.exe
unpack001/interface.dll
unpack001/tools/KeyCreator.exe

Files

b3c3cf4aff8656f0f9bd1510e941cee2_JaffaCakes118
.rar
docs/help.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 916KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
eBookMaker.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text1
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
interface.dll
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 916KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
languages/language.ini
languages/s_chinese.ini
splash.bmp
tools/KeyCreator.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 617KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
安装说明.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.2MB

UPX1 Size: 916KB - Virtual size: 916KB

.rsrc Size: 31KB - Virtual size: 32KB

Headers

File Characteristics

Sections

.text Size: 2.6MB - Virtual size: 2.6MB

.itext Size: 16KB - Virtual size: 16KB

.data Size: 32KB - Virtual size: 32KB

.bss Size: 28KB - Virtual size: 28KB

.idata Size: 16KB - Virtual size: 16KB

.tls Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.reloc Size: 216KB - Virtual size: 216KB

.text1 Size: 320KB - Virtual size: 320KB

.adata Size: 64KB - Virtual size: 64KB

.data1 Size: 64KB - Virtual size: 64KB

.reloc1 Size: 64KB - Virtual size: 64KB

.pdata Size: 1.6MB - Virtual size: 1.6MB

.rsrc Size: 716KB - Virtual size: 716KB

.idata Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.2MB

UPX1 Size: 916KB - Virtual size: 916KB

.rsrc Size: 31KB - Virtual size: 32KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 617KB - Virtual size: 620KB

.rsrc Size: 52KB - Virtual size: 52KB

UPX0
Size: - Virtual size: 2.2MB

UPX1
Size: 916KB - Virtual size: 916KB

.rsrc
Size: 31KB - Virtual size: 32KB

.text
Size: 2.6MB - Virtual size: 2.6MB

.itext
Size: 16KB - Virtual size: 16KB

.data
Size: 32KB - Virtual size: 32KB

.bss
Size: 28KB - Virtual size: 28KB

.idata
Size: 16KB - Virtual size: 16KB

.tls
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 216KB - Virtual size: 216KB

.text1
Size: 320KB - Virtual size: 320KB

.adata
Size: 64KB - Virtual size: 64KB

.data1
Size: 64KB - Virtual size: 64KB

.reloc1
Size: 64KB - Virtual size: 64KB

.pdata
Size: 1.6MB - Virtual size: 1.6MB

.rsrc
Size: 716KB - Virtual size: 716KB

.idata
Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 2.2MB

UPX1
Size: 916KB - Virtual size: 916KB

.rsrc
Size: 31KB - Virtual size: 32KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 617KB - Virtual size: 620KB

.rsrc
Size: 52KB - Virtual size: 52KB