2889810a962978c11428185f9ed70f7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2889810a962978c11428185f9ed70f7f_JaffaCakes118
Size

1.1MB
MD5

2889810a962978c11428185f9ed70f7f
SHA1

2aa1f4521df416ab8185d2dae01234af9faeaef1
SHA256

8727c56b3b7bea20b42fb057b8909df124cdb308753960815ddd1d61d8b4bb0e
SHA512

79da72fe33c1f673bef422c9a8ef8ecf8385a4ae2d95e02d84b79e07196384966fb07ad770503efb5f006757c57149ff837f789cb6c49b77dab309052040c0ad
SSDEEP

24576:/9zROsZP25iXJ00Foh7lgr5KToXJivyBVEt1NUg/3YypJ6:/9FBxJxFoNYKTo5ivyTEt1DwypI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/liebaohusini/Keygen.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/liebaohusini/Keygen.exe
unpack001/liebaohusini/猎豹呼死你 V4.0双加密.exe

Files

2889810a962978c11428185f9ed70f7f_JaffaCakes118
.rar
liebaohusini/Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 536KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
liebaohusini/河源下载站-cngr.cn.url
.url
liebaohusini/淘宝热卖.url
.url
liebaohusini/猎豹呼死你 V4.0双加密.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 857KB - Virtual size: 860KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 792B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Kido
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 536KB

UPX1 Size: 225KB - Virtual size: 228KB

.rsrc Size: 103KB - Virtual size: 104KB

Headers

File Characteristics

Sections

.textbss Size: - Virtual size: 2.5MB

.text Size: 3KB - Virtual size: 4KB

.data Size: 857KB - Virtual size: 860KB

.idata Size: 792B - Virtual size: 4KB

.rsrc Size: 104KB - Virtual size: 104KB

.Kido Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 536KB

UPX1
Size: 225KB - Virtual size: 228KB

.rsrc
Size: 103KB - Virtual size: 104KB

.textbss
Size: - Virtual size: 2.5MB

.text
Size: 3KB - Virtual size: 4KB

.data
Size: 857KB - Virtual size: 860KB

.idata
Size: 792B - Virtual size: 4KB

.rsrc
Size: 104KB - Virtual size: 104KB

.Kido
Size: 4KB - Virtual size: 4KB