fcadcf734997909b2838579d021f9dfa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fcadcf734997909b2838579d021f9dfa_JaffaCakes118
Size

175KB
MD5

fcadcf734997909b2838579d021f9dfa
SHA1

f5fbad79da8b14f79057f95f586664a76000e3f2
SHA256

4a332862287890c5b128e249fadbb12cc72c54ec945c9f109bc6ac015a150cec
SHA512

4560296db249dc855e938c5be3e3474039458e079562f331c005dfaf3560f167e01d32a03c1e7fd00895a7765a836baeac5cfdbd3f2de6ac4f1e1d1af3a984da
SSDEEP

3072:gxaeLUljOwd8x8Nqp3MCaoVkixaeLUljOwd8x8Nqp3MCaoVk:HeLptuNqmEV8eLptuNqmEV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcadcf734997909b2838579d021f9dfa_JaffaCakes118

Files

fcadcf734997909b2838579d021f9dfa_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 20KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

]Eq?\
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 20KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 11KB - Virtual size: 12KB

.UPX0 Size: 2KB - Virtual size: 4KB

.UPX1 Size: 30KB - Virtual size: 36KB

.reloc Size: 3KB - Virtual size: 4KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

]Eq?\ Size: 88KB - Virtual size: 88KB

.text
Size: 20KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 11KB - Virtual size: 12KB

.UPX0
Size: 2KB - Virtual size: 4KB

.UPX1
Size: 30KB - Virtual size: 36KB

.reloc
Size: 3KB - Virtual size: 4KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

]Eq?\
Size: 88KB - Virtual size: 88KB