f0edc85c70e5d6d90a28a7e07ad0589e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0edc85c70e5d6d90a28a7e07ad0589e_JaffaCakes118
Size

138KB
MD5

f0edc85c70e5d6d90a28a7e07ad0589e
SHA1

8c1cf2979623fc0fb530881590b840ba15cee892
SHA256

de8ba8b26cce4a19d3b0e45b9dd207c036e5e7eadb9a8880fd276f9ce59d188a
SHA512

f6507572dd2315e28c7f531037d6f7147310918f6077ff90c06ca2a6e2bd60cf61c5516ae04d5c6eba8db30237e9c8687bf63d1ba4f46a16d6e8b29e54a82ffe
SSDEEP

3072:ohdryhCKe6jMZPMeMeiMY+ycIu09PB0RwRS7sGH/pB:cAK6jIPb7Yl+0dB0eRgsGH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f0edc85c70e5d6d90a28a7e07ad0589e_JaffaCakes118
unpack001/out.upx

Files

f0edc85c70e5d6d90a28a7e07ad0589e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 129KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ