ee853c3a359058ae44734912d6cf6cbe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ee853c3a359058ae44734912d6cf6cbe_JaffaCakes118
Size

2.3MB
MD5

ee853c3a359058ae44734912d6cf6cbe
SHA1

1fa3b14ce55ef939a9bbb466e628ee11b33dba7e
SHA256

4517bb5a59310e5412ab90e4e741bec4124990f61897672b75c7e1afe0e959e9
SHA512

1cb670e54674e85f1cde5fd59aa5f4feea5cef2074e88604fa09012c277bc8e16b38209e28d53f2a7e4567f0ccded5ac056f5373d7945857881376b9e17a9ff5
SSDEEP

49152:HIiEK54KS/mF2mEEjlavGhS5KDoy/8yCRgTpQGIdMp3dHJZ1gSRQFl0n:HIiEKT2GphSsDmiOrM1tJngoQbC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ee853c3a359058ae44734912d6cf6cbe_JaffaCakes118
unpack001/out.upx

Files

ee853c3a359058ae44734912d6cf6cbe_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@$xp$11TTrayIconXP
@$xp$14TProgressBarMy
@$xp$17TPerformanceGraph
@@Download@Finalize
@@Download@Initialize
@@Frame3@Finalize
@@Frame3@Initialize
@@Frame@Finalize
@@Frame@Initialize
@@Help@Finalize
@@Help@Initialize
@@Inet@Finalize
@@Inet@Initialize
@@Inetdown@Finalize
@@Inetdown@Initialize
@@Install@Finalize
@@Install@Initialize
@@Loadform@Finalize
@@Loadform@Initialize
@@Main@Finalize
@@Main@Initialize
@@Media@Finalize
@@Media@Initialize
@@Perfgrap@Finalize
@@Perfgrap@Initialize
@@Pmode@Finalize
@@Pmode@Initialize
@@Privacyframe@Finalize
@@Privacyframe@Initialize
@@Progressbar1@Finalize
@@Progressbar1@Initialize
@@Promo@Finalize
@@Promo@Initialize
@@Run@Finalize
@@Run@Initialize
@@Scan@Finalize
@@Scan@Initialize
@@Settings@Finalize
@@Settings@Initialize
@@Ssdt@Finalize
@@Ssdt@Initialize
@@Sysinfo@Finalize
@@Sysinfo@Initialize
@@Trayicon@Finalize
@@Trayicon@Initialize
@@Trayiconxp@Finalize
@@Trayiconxp@Initialize
@@Unit2@Finalize
@@Unit2@Initialize
@@Unit7@Finalize
@@Unit7@Initialize
@@Unitform1@Finalize
@@Unitform1@Initialize
@@User@Finalize
@@User@Initialize
@@Utils@Finalize
@@Utils@Initialize
@@Utilsunit@Finalize
@@Utilsunit@Initialize
@@Warninig@Finalize
@@Warninig@Initialize
@@Www@Finalize
@@Www@Initialize
@Progressbar1@Register$qqrv
@TPerformanceGraph@
@TPerformanceGraph@$bctr$qqrp18Classes@TComponent
@TPerformanceGraph@$bdtr$qqrv
@TPerformanceGraph@DataPoint$qqr15Graphics@TColorl
@TPerformanceGraph@DisplayPoints$qqrl
@TPerformanceGraph@FirstY$qqrv
@TPerformanceGraph@GetBandCount$qqrv
@TPerformanceGraph@Initialize$qqrl
@TPerformanceGraph@LastY$qqri
@TPerformanceGraph@NextY$qqri
@TPerformanceGraph@Paint$qqrv
@TPerformanceGraph@PaintBar$qqr15Graphics@TColorll
@TPerformanceGraph@PaintLine$qqr15Graphics@TColorll
@TPerformanceGraph@ReallocHistory$qqrv
@TPerformanceGraph@Replay$qqrv
@TPerformanceGraph@RoundUp$qqrll
@TPerformanceGraph@ScrollGraph$qqrv
@TPerformanceGraph@SetBackColor$qqr15Graphics@TColor
@TPerformanceGraph@SetForeColor$qqr15Graphics@TColor
@TPerformanceGraph@SetGradient$qqrl
@TPerformanceGraph@SetGraphKind$qqr10TGraphKind
@TPerformanceGraph@SetGridSize$qqrl
@TPerformanceGraph@SetGridlines$qqro
@TPerformanceGraph@SetPenWidth$qqrl
@TPerformanceGraph@SetScale$qqrl
@TPerformanceGraph@SetStepSize$qqrl
@TPerformanceGraph@ShiftY$qqrv
@TPerformanceGraph@Update$qqrv
@TProgressBarMy@
@TProgressBarMy@$bctr$qqrp18Classes@TComponent
@TProgressBarMy@PaintTo$qqrp5HDC__ii
@TTrayIconXP@
@TTrayIconXP@$bctr$qqrp18Classes@TComponent
@Trayiconxp@Register$qqrv
_Form1
_Form10
_Form2
_Form3
_Form4
_Form5
_Form6
_Form7
_Form8
_Form9
_Frame2
_InetFrame
_InstallForm
_LicFrame
_MainFrame
_MediaFrame
_PrivacyFr
_PromoForm
_ScanForm
_SysInfoFrame
_UtilsFrame
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 147KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.6MB

UPX1 Size: 2.2MB - Virtual size: 2.2MB

.rsrc Size: 109KB - Virtual size: 112KB

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.data Size: 147KB - Virtual size: 196KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 31KB - Virtual size: 32KB

.didata Size: 1024B - Virtual size: 4KB

.edata Size: 4KB - Virtual size: 4KB

.rsrc Size: 2.3MB - Virtual size: 2.3MB

.reloc Size: 159KB - Virtual size: 160KB

UPX0
Size: - Virtual size: 2.6MB

UPX1
Size: 2.2MB - Virtual size: 2.2MB

.rsrc
Size: 109KB - Virtual size: 112KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 147KB - Virtual size: 196KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 31KB - Virtual size: 32KB

.didata
Size: 1024B - Virtual size: 4KB

.edata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2.3MB - Virtual size: 2.3MB

.reloc
Size: 159KB - Virtual size: 160KB