f76551f8cbec510a4af27fe21d42fa30_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f76551f8cbec510a4af27fe21d42fa30_JaffaCakes118
Size

19KB
MD5

f76551f8cbec510a4af27fe21d42fa30
SHA1

7b173b4edcd5c29e941b9fb3da79b4d39d47aef0
SHA256

465775087e7250cfa8eae408f92beb1796bf1f1afa97f328f7be79e8ca225b26
SHA512

d6f34e3bfaa420348a7e38a4bb2b38618650bd5f563893db833c149f9d31a295187f841eb7c8b17d0b7be8e46eae7a8092a7f39a071596f706d79396fe433df8
SSDEEP

192:bZTfomXjLRWioQRlp7hxkHFmed66uDCdRjDLpdVv/jiE2OmAktX0bzRA0eoSvBWC:bZ8mTrPkHF/P/B/2EdYu20xSI7sXz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f76551f8cbec510a4af27fe21d42fa30_JaffaCakes118
unpack001/out.upx

Files

f76551f8cbec510a4af27fe21d42fa30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ