ec7286061de3fafefdc049f42d7bd93c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec7286061de3fafefdc049f42d7bd93c_JaffaCakes118
Size

131KB
MD5

ec7286061de3fafefdc049f42d7bd93c
SHA1

c94c87b1c43e0c1a6b3c2a69c717cfbf90d9c302
SHA256

dc8f711415436f4f14a71f992a367ee46dc0d8bca298e2327b83834793b0fdad
SHA512

c34d9ff5eb78041f6e36fce5ead77914d2ed65267074ca2d1dad7e0407fda1a246135616c8dda338749411b8975bf9c6d3f45da4ed904b03ae2c1d4836cd5441
SSDEEP

3072:d7rDgBXQ8SM1ZYDhag60dXPgsTt3tYnDVlhGGRGLsdU:RAgG1KDMgx/pHYDbsCGwd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ec7286061de3fafefdc049f42d7bd93c_JaffaCakes118
unpack001/out.upx

Files

ec7286061de3fafefdc049f42d7bd93c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 122KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ