0d5fc442a9bcc16390aaf3a411e16a2a_JaffaCakes118

General

Target

0d5fc442a9bcc16390aaf3a411e16a2a_JaffaCakes118
Size

89KB
MD5

0d5fc442a9bcc16390aaf3a411e16a2a
SHA1

ed807d9463cac92462252500052005d6b9000e0b
SHA256

b7b00cf960aaecbd6b6e9b6f2902a84f31ef62fa00610803b4fbc511a4965331
SHA512

11afa0112c9baf11ac42801396d91dddf5d350fe5200df9426261a8d4f555ca409724b947bf6493fc6e454e74bbe6bb78645643d2c6e7322b5ff1e6f792e8bd9
SSDEEP

768:/RJXrJBNVk5HZ7dIndPmWPIiPrZGwaUDdc/Lv6gN7chUSPlv:tVk5HldSoWQqGwDdc/LyGcP

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d5fc442a9bcc16390aaf3a411e16a2a_JaffaCakes118

Files

0d5fc442a9bcc16390aaf3a411e16a2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d3f10c755edb48da9e206e7bcda30d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
lstrlenA
lstrcmpA
AllocConsole
GetStdHandle
MultiByteToWideChar
HeapFree
lstrcmpiA
WideCharToMultiByte
HeapAlloc
WriteFile
SetConsoleMode
GetConsoleMode
GetLastError
ReadFile
GetModuleFileNameA
GetTimeFormatA
Sleep
GetSystemDefaultLCID
GetModuleHandleA
ReadConsoleInputA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
lstrcatA
GetTempFileNameA
GetVersion
GetTickCount
SetCurrentDirectoryA
CreateDirectoryA
DeleteFileA
CloseHandle
CreateFileA
GetFileAttributesA
GetCurrentDirectoryA
GetTempPathA
ExitProcess
SizeofResource
LockResource
LoadResource
FindResourceA
GetProcessHeap
RemoveDirectoryA
GetCommandLineA

ole32

CoInitialize
CoUninitialize
CLSIDFromProgID
CoCreateInstance
CoGetObject

oleaut32

user32

DialogBoxParamA
GetParent
GetDesktopWindow
GetWindowRect
CharToOemA
CopyRect
OffsetRect
SetWindowPos
LoadStringA
SetDlgItemTextA
GetDlgItem
SetFocus
GetDlgItemTextA
EndDialog
wsprintfA
GetForegroundWindow
MessageBoxA

Sections

UPX0
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1d3f10c755edb48da9e206e7bcda30d8

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

user32

Sections

UPX0 Size: 84KB - Virtual size: 84KB

.rsrc Size: 2KB - Virtual size: 4KB

.avp Size: 2KB - Virtual size: 4KB

UPX0
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 2KB - Virtual size: 4KB

.avp
Size: 2KB - Virtual size: 4KB