f07877c21ba4da6d27f9b50a0fee089f_JaffaCakes118

General

Target

f07877c21ba4da6d27f9b50a0fee089f_JaffaCakes118
Size

400KB
MD5

f07877c21ba4da6d27f9b50a0fee089f
SHA1

34b7e75cfa79b66bb8ca50bbab68cc28045469db
SHA256

cfbba7f8fb51f91f3644413713faf9cd796162d1cbb137e63ddfb286fe626dea
SHA512

e3ae7b26627ce6e20a590ce34c27cc33b9eb5431059af977a820467a575d694c5d0a72acc071e69092484bf149f6f32fd9f975db7e1f2ea4380b8d6f1d8c3d57
SSDEEP

12288:XjCOgA7Xc/OtGYL/yqgX12mdg803VBK3:zCW7MmVL3gF2mK803VBK3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f07877c21ba4da6d27f9b50a0fee089f_JaffaCakes118
unpack001/out.upx

Files

f07877c21ba4da6d27f9b50a0fee089f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 394KB - Virtual size: 396KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 294KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 44KB

UPX1 Size: 394KB - Virtual size: 396KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 1024B - Virtual size: 964B

.rsrc Size: 294KB - Virtual size: 294KB

.adata Size: 115KB - Virtual size: 114KB

.newIID Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 44KB

UPX1
Size: 394KB - Virtual size: 396KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 1024B - Virtual size: 964B

.rsrc
Size: 294KB - Virtual size: 294KB

.adata
Size: 115KB - Virtual size: 114KB

.newIID
Size: 512B - Virtual size: 4KB