eacc9b3bc2c3e18c86bdfa1bf524c0c4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

eacc9b3bc2c3e18c86bdfa1bf524c0c4_JaffaCakes118
Size

231KB
MD5

eacc9b3bc2c3e18c86bdfa1bf524c0c4
SHA1

b9f70eb97673f02129d7a490caa3eb0d9a880ceb
SHA256

1448734669ffd4ba9aafae997164a82e729a93f08fe4e32484d93544845bf8d1
SHA512

4e17e60564247aa1471a9a7f8d07ecb873287615de929650859b25ad9299a7beb0c80dc9d7f836fcdfd5672218375687a11ac3c0494746e94c4e13ccab36cbb0
SSDEEP

6144:4xn4ss2bbbHuwY/XSnCb6jQhI1P5NjOUe66vwIf:4x4s5bbbHuwY/XSCzWZDOpLf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eacc9b3bc2c3e18c86bdfa1bf524c0c4_JaffaCakes118

Files

eacc9b3bc2c3e18c86bdfa1bf524c0c4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3242bdac60c485ca3a9b7062f00c6cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFileEx
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
HeapAlloc
GlobalWire
SetSystemTime
SetNamedPipeHandleState
GetLongPathNameA
GetVolumeInformationA
GlobalAlloc
MultiByteToWideChar
SetHandleCount
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
GetStringTypeW
VirtualProtect

user32

DrawCaption
GetClassNameA
LoadMenuIndirectA
GetMessageExtraInfo
ReuseDDElParam
CharPrevExA
LookupIconIdFromDirectory
mouse_event
IsCharAlphaNumericA

gdi32

SetBrushOrgEx
GetDIBits
GetWinMetaFileBits
RemoveFontResourceW
CreateBitmap
GetTextFaceW
GetEnhMetaFileDescriptionW

Sections

.text
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c3242bdac60c485ca3a9b7062f00c6cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: - Virtual size: 15KB

.rdata Size: - Virtual size: 2KB

.data Size: - Virtual size: 95KB

.UPX0 Size: - Virtual size: 91KB

.UPX1 Size: 230KB - Virtual size: 229KB

.text
Size: - Virtual size: 15KB

.rdata
Size: - Virtual size: 2KB

.data
Size: - Virtual size: 95KB

.UPX0
Size: - Virtual size: 91KB

.UPX1
Size: 230KB - Virtual size: 229KB