3762a0e5c3e8dbd17a7231d9baecf217_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3762a0e5c3e8dbd17a7231d9baecf217_JaffaCakes118
Size

336KB
MD5

3762a0e5c3e8dbd17a7231d9baecf217
SHA1

1544ae28de95f26640853a4f12a106a2dfa765a3
SHA256

44a4167febd53e4414ca96b7c42724f18cda6e55a107bef7e80293a5933f6800
SHA512

d1bfae752a6d948d49bb2677af8fb7ca137cea3960369af3c1057a1683c4032409f0e20f52a26451fcce9755c5f2281b457ea15d13779109243d2f5dba1c0fcf
SSDEEP

6144:v297BBNMEhp4eYNw+6Kl4sHcc+JbbzTpA1ppCAGADsKeziZnjRp48x+xxmpFiGV:v2977CcKVNf3llD+JbnTpA1ppCA9wiZN

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/r-aimbot.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/r-aimbot.dll
unpack001/r-aimbot.exe
unpack002/out.upx

Files

3762a0e5c3e8dbd17a7231d9baecf217_JaffaCakes118
.rar
chit.jpg
.jpg
r-aimbot.cfg
r-aimbot.dll
.dll windows:5 windows x86 arch:x86

b9e80ad2c93637b6803ec6126cc4a8f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcr90

_decode_pointer

opengl32

glLoadIdentity

Sections

.text
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
r-aimbot.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
readme.txt

Sharing

General

Malware Config

Signatures

Files

b9e80ad2c93637b6803ec6126cc4a8f4

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcr90

opengl32

Sections

.text Size: 12KB - Virtual size: 44KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 512B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 20KB

UPX1 Size: 3KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 428B

.text
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 512B

UPX0
Size: - Virtual size: 20KB

UPX1
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 428B