f9af72feb0ddb7b40093f242fed06661_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9af72feb0ddb7b40093f242fed06661_JaffaCakes118
Size

237KB
MD5

f9af72feb0ddb7b40093f242fed06661
SHA1

fb51cdb5d11eef5646844be033ef5ad056f02784
SHA256

107aea3ab69ed179c7c1b94eaa6a2b662cc7b923f1a262445db62045c4baa57c
SHA512

2cc0ffa5c601dafc223e8193e18833589db02b0d331e07ebbb86a14d00b5bbb8f1069236a1814b103a21504888810eb33d0552f3c848906dc7d6d459eb03f326
SSDEEP

6144:ITMrsG52RdRgoS6/PVownpqrtcKTCEhdGjWRr+QbbXX/I:3rsGDoS0Pewn6bTdPzH/I

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9af72feb0ddb7b40093f242fed06661_JaffaCakes118

Files

f9af72feb0ddb7b40093f242fed06661_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc0
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc1
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE