c950d7f6297f810e2159ee103b27f8e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c950d7f6297f810e2159ee103b27f8e3_JaffaCakes118
Size

416KB
MD5

c950d7f6297f810e2159ee103b27f8e3
SHA1

860d9aa9961d622d2d690b63700dd7a6eb3e89e8
SHA256

7cfa511a25d96dc2690b011b7b5995cdce167885949124e930f2560a225ca82f
SHA512

9b38cda46134966ff40b3971e53f79a50bc2ec4563807dcc2797b1ab53e79750897dd19d359a141173bbc9ae246c680c87ac412ef9d5c81bb4c0196404f4e688
SSDEEP

6144:C/k9NMW61P5Sb5d8E0B3kNdyISOc78fTsysYDYRXKXt+xgAsOTshODkmqCk3iQ7K:CyNu1RSdd8E0BUNdyBQrsyvXxOQ1C+O/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c950d7f6297f810e2159ee103b27f8e3_JaffaCakes118

Files

c950d7f6297f810e2159ee103b27f8e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

00c4e35ca072f8c95639eaf7972ec0c6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GlobalSize
HeapDestroy
HeapCreate
IsBadCodePtr
SetFileTime
GetCurrentThreadId
FindClose
EnumSystemCodePagesW
CompareFileTime
SetFilePointer
GetFileSize
HeapFree
HeapAlloc
WriteFile
ReadFile
GetFileTime
GetCommandLineA
GetCommandLineW
lstrcmpA
GetProcessHeap
GetVersionExA
GetACP
GetOEMCP
GetUserDefaultLangID
GetLocaleInfoA
GetStartupInfoA
CreateEventA
GetLastError
WaitForSingleObject
FreeLibrary
ExitProcess
MulDiv
SetEvent
CloseHandle
GlobalLock
GlobalUnlock
Sleep
GetTimeFormatA
GetTimeFormatW
GetDateFormatA
GetDateFormatW
CreateProcessA
CreateProcessW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
SearchPathA
SearchPathW
GetFullPathNameA
GetFullPathNameW
GetModuleHandleW
LoadLibraryA
LoadLibraryW
SetCurrentDirectoryA
SetCurrentDirectoryW
FindFirstFileA
FindFirstFileW
SetFileAttributesA
SetFileAttributesW
GetFileAttributesW
CreateFileA
CreateFileW
GetModuleFileNameA
GetModuleFileNameW
GetCurrentDirectoryA
GetCurrentDirectoryW
FindNextFileA
FindNextFileW
WideCharToMultiByte
GetWindowsDirectoryW
GetModuleHandleA
GetProcAddress
GetFileAttributesA
MultiByteToWideChar
lstrlenW
lstrlenA
GlobalFree
IsBadWritePtr
GlobalAlloc

user32

PostQuitMessage
DestroyAcceleratorTable
EnableMenuItem
DestroyCursor
SetTimer
GetWindow
CheckMenuItem
GetQueueStatus
GetKeyboardState
CheckMenuRadioItem
GetSystemMetrics
SetClassLongA
GetClassLongA
DrawMenuBar
DeleteMenu
GetSubMenu
LoadCursorA
GetKeyboardLayout
IsWindowVisible
GetClassNameW
GetClassNameA
SetWindowPos
SetScrollInfo
GetScrollInfo
ReleaseCapture
CallNextHookEx
MapVirtualKeyW
MapVirtualKeyA
UnhookWindowsHookEx
GetDlgItem
EndDialog
IsChild
RedrawWindow
MoveWindow
SetCapture
ActivateKeyboardLayout
SetForegroundWindow
SetActiveWindow
GetActiveWindow
SystemParametersInfoA
LoadMenuA
LoadMenuW
LoadAcceleratorsA
LoadAcceleratorsW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
CreateDialogParamA
CreateDialogParamW
DialogBoxParamA
DialogBoxParamW
EnumThreadWindows
WaitForInputIdle
GetCapture
EnableWindow
CloseClipboard
GetClipboardData
OpenClipboard
EndPaint
DrawFrameControl
BeginPaint
FrameRect
SetDlgItemInt
GetDlgItemInt
SetWindowsHookExA
CharUpperA
HideCaret
ShowCaret
MessageBeep
IsClipboardFormatAvailable
SetCaretPos
UnregisterClassA
UnregisterClassW
CreateCaret
DefFrameProcA
SetClipboardData
EmptyClipboard
ScrollWindow
GetUpdateRect
ShowScrollBar
GetDoubleClickTime
GetMessageTime
IntersectRect
RegisterClipboardFormatA
RegisterClipboardFormatW
LoadCursorW
ShowWindow
TranslateMessage
ModifyMenuA
ModifyMenuW
InsertMenuA
InsertMenuW
AppendMenuA
AppendMenuW
SetDlgItemTextA
SetDlgItemTextW
SetWindowTextA
SetWindowTextW
FindWindowExA
FindWindowExW
CreateMDIWindowA
CreateMDIWindowW
CreateWindowExA
CreateWindowExW
RegisterClassA
RegisterClassW
ScreenToClient
TrackPopupMenu
GetSystemMenu
KillTimer
SetCursor
GetMenuStringA
GetMenuStringW
LoadStringA
LoadStringW
SendMessageW
IsDialogMessageA
IsDialogMessageW
TranslateAcceleratorA
TranslateAcceleratorW
DispatchMessageA
DispatchMessageW
PeekMessageA
PeekMessageW
GetMessageA
GetMessageW
GetDlgItemTextA
GetDlgItemTextW
GetWindowTextA
GetWindowTextW
GetWindowTextLengthA
GetWindowTextLengthW
SetWindowLongA
SetWindowLongW
GetWindowLongA
GetWindowLongW
GetKeyNameTextA
GetKeyNameTextW
DefWindowProcA
DefWindowProcW
InvalidateRect
UpdateWindow
ValidateRect
GetDC
GetClientRect
GetSysColorBrush
FillRect
GetFocus
DrawFocusRect
DrawEdge
DefFrameProcW
GetKeyState
CreatePopupMenu
DestroyMenu
DefMDIChildProcA
DefMDIChildProcW
SetFocus
DestroyCaret
ClientToScreen
GetSysColor
IsWindowEnabled
DrawStateA
ReleaseDC
IsWindowUnicode
CallWindowProcA
CallWindowProcW
GetDlgCtrlID
GetParent
PostMessageA
GetCursorPos
PtInRect
GetWindowRect
DestroyWindow
SendMessageA
MessageBoxW
DestroyIcon

gdi32

BitBlt
PlayEnhMetaFile
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
CreateEnhMetaFileA
CreateDIBSection
StartPage
GetBkMode
ExtTextOutA
TextOutA
TextOutW
SetBkMode
SetBkColor
SetTextColor
GetTextMetricsA
GetTextMetricsW
CreateRectRgn
EndPage
EndDoc
GetTextAlign
SetTextAlign
ExtTextOutW
CreateBitmap
CreatePatternBrush
PatBlt
GetDeviceCaps
DeleteDC
CreateDCW
CreateDCA
GetObjectA
GetObjectW
GetStockObject
StartDocA
StartDocW
CreateFontIndirectA
CreateFontIndirectW
CreatePen
SelectObject
MoveToEx
LineTo
GetTextExtentPoint32W
DeleteObject

advapi32

RegSetValueExA
RegDeleteValueA
RegEnumValueA
RegOpenKeyExA
RegEnumValueW
RegCreateKeyExW
RegCreateKeyExA
RegEnumKeyExW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW

shell32

SHChangeNotify
SHGetMalloc
DragAcceptFiles
ShellExecuteA
ShellExecuteW
DragQueryFileA
DragQueryFileW
DragFinish

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_Create
ord17
PropertySheetW
ImageList_Destroy
PropertySheetA

comdlg32

PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
ChooseColorW
PrintDlgW
PrintDlgA
ChooseFontA
ChooseFontW
GetOpenFileNameA
GetSaveFileNameA
GetOpenFileNameW
ChooseColorA

ole32

ReleaseStgMedium
RevokeDragDrop
RegisterDragDrop
OleInitialize
OleUninitialize
DoDragDrop

imm32

ImmSetCompositionFontA
ImmSetCompositionFontW
ImmGetCompositionStringW
ImmEscapeW
ImmSetCandidateWindow
ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA

Sections

.text
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UPX0
Size: 104KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

00c4e35ca072f8c95639eaf7972ec0c6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

comdlg32

ole32

imm32

version

Sections

.text Size: 254KB - Virtual size: 253KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 136KB

.rsrc Size: 40KB - Virtual size: 39KB

.UPX0 Size: 104KB - Virtual size: 252KB

.text
Size: 254KB - Virtual size: 253KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 136KB

.rsrc
Size: 40KB - Virtual size: 39KB

.UPX0
Size: 104KB - Virtual size: 252KB