JaffaCakes118_c31c5f35bbce711cd2d1c360484f8bb3

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_c31c5f35bbce711cd2d1c360484f8bb3
Size

284KB
MD5

c31c5f35bbce711cd2d1c360484f8bb3
SHA1

30fd5c3667d68ddbfadfb0ac23de6c7f23ae65d4
SHA256

2be704e4c9e8f11590744938caac5f7868b88dd864d3f02d6ea1c49c485ab9c4
SHA512

88edd40595e8d9e56c7b67b21d81e92e9a80ce76d8056a133a5b6f03bb9e90fe8a6220a4704fa320ed2a7527fd44b151a2d33b8affa1439544b6e98d5763988b
SSDEEP

6144:xrkONgf/I/wKkYYOpKZNxOy4BAq7qWDqSPSAxuArt/UDpQ0woccckcE1r5cccpXf:xrlG/gwipKkylqGlSavAh/+Q0woccckc

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_c31c5f35bbce711cd2d1c360484f8bb3

Files

JaffaCakes118_c31c5f35bbce711cd2d1c360484f8bb3
.exe windows:4 windows x86 arch:x86

f3be43dbfd6a6805c0753097bdfdf841

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetACP
GetCPInfo
GetCurrentProcess
GetLocaleInfoW
GetModuleHandleA
GetProcessHeap
GetSystemDefaultLCID
GetThreadLocale
GetUserDefaultLCID
GetVersion
LoadLibraryA
MultiByteToWideChar
GetProcAddress

user32

GetKeyboardLayout
GetMenuItemCount
GetMenuItemInfoW
GetMenuStringW
GetSystemMetrics
MessageBoxW
SendMessageW
SetWindowPos

loadperf

SetServiceAsTrustedW
InstallPerfDllA

uxtheme

GetThemeString
IsAppThemed
GetThemeRect
OpenThemeData
GetThemeFont
DrawThemeEdge
GetThemePropertyOrigin

Sections

UPX0
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vY
Size: 5KB - Virtual size: 641KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ex
Size: 4KB - Virtual size: 673KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AJMT
Size: 2KB - Virtual size: 394KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 75KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.AuguG
Size: 3KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 142KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fx
Size: 2KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zhaVk
Size: 4KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3be43dbfd6a6805c0753097bdfdf841

Headers

File Characteristics

Imports

kernel32

user32

loadperf

uxtheme

Sections

UPX0 Size: 10KB - Virtual size: 9KB

.text Size: 18KB - Virtual size: 18KB

.vY Size: 5KB - Virtual size: 641KB

.Ex Size: 4KB - Virtual size: 673KB

.rdata Size: 1024B - Virtual size: 31KB

.AJMT Size: 2KB - Virtual size: 394KB

.edata Size: 75KB - Virtual size: 84KB

.AuguG Size: 3KB - Virtual size: 524KB

.data Size: 10KB - Virtual size: 269KB

.edata Size: 142KB - Virtual size: 167KB

.fx Size: 2KB - Virtual size: 293KB

.zhaVk Size: 4KB - Virtual size: 293KB

.rsrc Size: 5KB - Virtual size: 5KB

UPX0
Size: 10KB - Virtual size: 9KB

.text
Size: 18KB - Virtual size: 18KB

.vY
Size: 5KB - Virtual size: 641KB

.Ex
Size: 4KB - Virtual size: 673KB

.rdata
Size: 1024B - Virtual size: 31KB

.AJMT
Size: 2KB - Virtual size: 394KB

.edata
Size: 75KB - Virtual size: 84KB

.AuguG
Size: 3KB - Virtual size: 524KB

.data
Size: 10KB - Virtual size: 269KB

.edata
Size: 142KB - Virtual size: 167KB

.fx
Size: 2KB - Virtual size: 293KB

.zhaVk
Size: 4KB - Virtual size: 293KB

.rsrc
Size: 5KB - Virtual size: 5KB