d4fdb57ff437e0e335e31716c227d7c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d4fdb57ff437e0e335e31716c227d7c2_JaffaCakes118
Size

483KB
MD5

d4fdb57ff437e0e335e31716c227d7c2
SHA1

cd82563b346303e2b5ac7837712a7c65df9c262a
SHA256

cfe8169f1abe89f0bb7fe0a9ebd24e2b0b8ed736b4a03d559224c9085e43bef3
SHA512

9995d17a7583e96473171c40ac59b5e2348b31f437164cc90d0b8356fed1cd766def6a25f6f18a07fe8bb0aa78e2d2a64c256a318c21f4d667d072ccca13cc10
SSDEEP

6144:ylkcaZRDMKff2K7bwC7eQ2vPTwXNZp0/ODXCufxwDHI9+BzMrlF6OHVsIJ:akc8zHTf17IHwLysXC4wDHI9PF6OHVsy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4fdb57ff437e0e335e31716c227d7c2_JaffaCakes118

Files

d4fdb57ff437e0e335e31716c227d7c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

UPX0
Size: - Virtual size: 860KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 223KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

Imports

kernel32

Sections

UPX0 Size: - Virtual size: 860KB

UPX1 Size: 223KB - Virtual size: 224KB

.rsrc Size: 11KB - Virtual size: 12KB

pebundle Size: 6KB - Virtual size: 8KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 15KB - Virtual size: 16KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 17KB - Virtual size: 20KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 4KB - Virtual size: 8KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 25KB - Virtual size: 28KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 1KB - Virtual size: 4KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 11KB - Virtual size: 12KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 7KB - Virtual size: 8KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 1024B - Virtual size: 4KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 512B - Virtual size: 4KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 2KB - Virtual size: 4KB

pebundle Size: 8KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 860KB

UPX1
Size: 223KB - Virtual size: 224KB

.rsrc
Size: 11KB - Virtual size: 12KB

pebundle
Size: 6KB - Virtual size: 8KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 15KB - Virtual size: 16KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 17KB - Virtual size: 20KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 4KB - Virtual size: 8KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 25KB - Virtual size: 28KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 1KB - Virtual size: 4KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 11KB - Virtual size: 12KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 7KB - Virtual size: 8KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 1024B - Virtual size: 4KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 512B - Virtual size: 4KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 2KB - Virtual size: 4KB

pebundle
Size: 8KB - Virtual size: 8KB