fbebc3557141ad25f248066d546c6cc6_JaffaCakes118 | Triage

Sharing

General

Target

fbebc3557141ad25f248066d546c6cc6_JaffaCakes118
Size

283KB
MD5

fbebc3557141ad25f248066d546c6cc6
SHA1

996449b953b5b603c507f10d1fc8551c01b3e89a
SHA256

c80027fdf728eef8ab3614ec2b52d1d75891f93748624494b1b1f4a0f4dddf6c
SHA512

19de9bfafc384847a51a0e1cd5c288f1e6d01aaa6b68e819349784a83e50e66a8896a0377413a00153dc297664dcb49c533d116fa5b23267546c40d738e91940
SSDEEP

6144:54eHrUCbKLoiQ2VsCt0UVs70Av+ZKzplWs+2rsfVWWUjIhzWWfZ:54eLJbMoiQ2Vsu0URA2ZgZrsfVW3IrZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/ddmjzs_t-v1.04.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ddmjzs_t-v1.04.exe
unpack002/out.upx

Files

fbebc3557141ad25f248066d546c6cc6_JaffaCakes118
.rar
ddmjzs_t-v1.04.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 364KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 440KB - Virtual size: 439KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url