JaffaCakes118_108cebcfefda86f412a037578b9386b9

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_108cebcfefda86f412a037578b9386b9
Size

256KB
MD5

108cebcfefda86f412a037578b9386b9
SHA1

5f2bdfd8d30706f65fea88a6ec547d3d4cf036a5
SHA256

ec74a9377384784f9cdfb648af37465fcd4ed77dd4e90fa74c81c3c5fe8e25b4
SHA512

62a07f5aea4dd967d5a289a5e3b98022c747a82911db77e14b8914a5cb8f5ef0d64baaa2b5a15a1bb64f0d2185638c9038dfb20f651baae373cbbb3a6b27a2eb
SSDEEP

6144:vw5J8uT7bp56aZVgpomM4sFVilzoUy7Xt+:Ipd5nVEM4sFkF3y7XA

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_108cebcfefda86f412a037578b9386b9

Files

JaffaCakes118_108cebcfefda86f412a037578b9386b9
.exe windows:4 windows x86 arch:x86

a269b8ee4d6e62df5f347b4042dfc5ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
GetLastError
GetTickCount
GetCurrentProcess
MultiByteToWideChar
GetSystemDirectoryW
GetVersionExA
GetProcessHeap
GetStartupInfoW
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetCurrentThreadId
HeapCreate
ExitProcess
GetModuleFileNameA
GetEnvironmentStringsW
GetStartupInfoA
QueryPerformanceCounter
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
GetProcAddress

user32

GetSystemMetrics
DestroyIcon
DestroyMenu
LoadCursorA
GetFocus
UnregisterClassA
GetSubMenu
MessageBoxIndirectW
IsDlgButtonChecked
GetClassInfoExA
CharNextW
OpenClipboard
GetMessageW
wvsprintfA
CreateDialogParamW
SetWindowPos
LoadBitmapA
WaitMessage
RegisterWindowMessageW
GetMenuStringW
SetFocus
GetMenuItemInfoA
SendMessageW
CreateDialogIndirectParamW
GetKeyState
SetWindowTextW
GetDlgItemTextA
wsprintfA
LoadMenuIndirectA
CheckMenuItem
EnableWindow
SetParent
MessageBoxA
EndMenu
SetActiveWindow
LoadIconW
LoadIconA
CreateWindowExW

advapi32

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyW
CloseServiceHandle
StartServiceW
OpenServiceW
OpenSCManagerW

usp10

ScriptGetProperties
ScriptTextOut
ScriptGetCMap
ScriptFreeCache
ScriptString_pLogAttr
ScriptShape
UspAllocCache
ScriptRecordDigitSubstitution
ScriptBreak

gdi32

CreateEllipticRgn
CreateFontIndirectExW
CreateBitmapIndirect
CreateColorSpaceW
ExtCreateRegion
CreatePatternBrush
GetMetaFileW

sensapi

IsDestinationReachableA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CODE
Size: 4KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 101KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX1
Size: 3KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 115KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a269b8ee4d6e62df5f347b4042dfc5ed

Headers

File Characteristics

Imports

kernel32

user32

advapi32

usp10

gdi32

sensapi

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 3KB - Virtual size: 35KB

CODE Size: 4KB - Virtual size: 304KB

.edata Size: 101KB - Virtual size: 162KB

UPX1 Size: 3KB - Virtual size: 277KB

.data Size: 7KB - Virtual size: 73KB

.edata Size: 115KB - Virtual size: 162KB

.rdata Size: 3KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 35KB

CODE
Size: 4KB - Virtual size: 304KB

.edata
Size: 101KB - Virtual size: 162KB

UPX1
Size: 3KB - Virtual size: 277KB

.data
Size: 7KB - Virtual size: 73KB

.edata
Size: 115KB - Virtual size: 162KB

.rdata
Size: 3KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 4KB