38dd5b4860236b1f1c228fb3a44e7cdb_JaffaCakes118

General

Target

38dd5b4860236b1f1c228fb3a44e7cdb_JaffaCakes118
Size

40KB
MD5

38dd5b4860236b1f1c228fb3a44e7cdb
SHA1

dc3d174042b4acf39e504bd4642ee279b7b9dbc7
SHA256

d9c13daa18cc08fc0e01af5d415a2d7aa59988a9686646f88d3bc8bddf715700
SHA512

2616f4755077229a6e017420c6cd0a86c8983a4bbfd6a179b55468fccc7f718d4dbea6f6173e6b9e7500e4db0ed7e267b5471c1a309cc01748cfe4e6e65e05b2
SSDEEP

384:xNoKx0yDVhhsEjdrONXE094ygYZOYDk9:3oKxbVhhsEJKN00fn49

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38dd5b4860236b1f1c228fb3a44e7cdb_JaffaCakes118

Files

38dd5b4860236b1f1c228fb3a44e7cdb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

a53e464c7b378a822b69ce8cabeebc91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteFile
SetFilePointer
ReadFile
GetFileSize
CreateFileA
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
LocalFree
LocalAlloc
TlsSetValue
TlsGetValue
GetModuleHandleA
GetLastError
GetCommandLineA
WriteFile
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
ExitProcess
CreateFileA
CloseHandle

comdlg32

GetOpenFileNameA

shell32

ShellExecuteA
DragQueryFileA
DragAcceptFiles

user32

wvsprintfA
UpdateWindow
TranslateMessage
ShowWindow
SetWindowPos
SetDlgItemInt
SendMessageA
SendDlgItemMessageA
PostQuitMessage
MessageBoxA
LoadIconA
IsDialogMessageA
GetWindowRect
GetMessageA
GetDlgItemInt
GetDesktopWindow
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
CreateDialogParamA
MessageBoxA

Sections

UPX0
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a53e464c7b378a822b69ce8cabeebc91

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

user32

Sections

UPX0 Size: 36KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 4KB

.avp Size: 1KB - Virtual size: 4KB

UPX0
Size: 36KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 4KB

.avp
Size: 1KB - Virtual size: 4KB