15657e34ab1b2b77c41e75794f612765_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

15657e34ab1b2b77c41e75794f612765_JaffaCakes118
Size

68KB
MD5

15657e34ab1b2b77c41e75794f612765
SHA1

0c42753d6d42a783e93b659176cbdadfc6d448e1
SHA256

1e22e520b2e3a158c1ed503ebadc80c86c15d34196502d2ebf9e66fcc5e45881
SHA512

f6719d691408868e219c2c7754052d406f2885a504e3513c3f6e60cad1eb91119e87d8a8951174542fc5659dae1600b6096ed367512a0d0ae159bee0157e6945
SSDEEP

768:LbI5U0+VnGOrD1OSJYXcn3mgXfuXyz4bH3SlzZ7QE0cGuj48g5OEVhXgoKggfWQE:g5bfMVfyyz4rS0ZSUFHXpCWatEhOtY

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15657e34ab1b2b77c41e75794f612765_JaffaCakes118

Files

15657e34ab1b2b77c41e75794f612765_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26a4f4ff07bb9f37c3268037ad32784b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
QueryPerformanceCounter
LocalFree
GetTickCount
CloseHandle
VirtualFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
CreateFileA
GetVersion
GetVersionExA
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetLastError
lstrlenA
DeviceIoControl
GetStartupInfoA
GetEnvironmentVariableA
WriteFile
GetTempPathA
LoadLibraryA
GetModuleFileNameA
SetLastError
GetVolumeInformationA
FreeLibrary
ReadFile
SetFilePointer
CreateProcessA
InterlockedDecrement
TerminateProcess
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId

msvcp71

?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?at@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ID@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr71

_controlfp
?terminate@@YAXXZ
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strncat
??3@YAXPAX@Z
memcpy
??_V@YAXPAX@Z
??_U@YAPAXI@Z
_CxxThrowException
__CxxFrameHandler
sprintf
strcpy
strcat
malloc
strlen
div
memset
free
_except_handler3
strstr
_strlwr
_strdup
??2@YAPAXI@Z
_ismbblead

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
OleRun

oleaut32

snmpapi

SnmpUtilOidCpy

user32

CharToOemA

Sections

UPX0
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

26a4f4ff07bb9f37c3268037ad32784b

Headers

File Characteristics

Imports

kernel32

msvcp71

msvcr71

ole32

oleaut32

snmpapi

user32

Sections

UPX0 Size: 64KB - Virtual size: 64KB

.avc Size: 3KB - Virtual size: 4KB

UPX0
Size: 64KB - Virtual size: 64KB

.avc
Size: 3KB - Virtual size: 4KB