300d9599c882efa5658bae9dd48e311e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

300d9599c882efa5658bae9dd48e311e_JaffaCakes118
Size

1023KB
MD5

300d9599c882efa5658bae9dd48e311e
SHA1

0f5cba5611a3766e87b0401f649d1d9f266a5036
SHA256

2273dd4ff58c612e6c9e805fbf10cfa7aa5604d7e4fa15182d5c17ffc19364f4
SHA512

9938c3553f734759256bfe6d3f24f3c234ad8f406a1333303698d9ceecc3e0ecd372fb7a3f2a1c5de5173a158227b286824256df1c0f122cd44097d53a64521a
SSDEEP

24576:ZmYms3XJ4ZhKWL1hbrj3xg1AJde7dHsTKaOTw4kfmkoUVAj:ZmYmiXJAY41ydiTX54Gm/se

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

300d9599c882efa5658bae9dd48e311e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

04:8b:18:52:d3:6e:e8
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

20/08/2014, 09:55

Not After

05/08/2015, 08:51

Subject

CN=GIGA Digital AG,O=GIGA Digital AG,L=Berlin,ST=Berlin,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

01/09/2009, 00:00

Not After

31/12/2037, 23:59

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

a0:c0:d8:3b:84:c4:ca:64:97:29:98:b3:ec:bd:b3:b1:0f:0b:0f:7f
Signer

Actual PE Digest

a0:c0:d8:3b:84:c4:ca:64:97:29:98:b3:ec:bd:b3:b1:0f:0b:0f:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 989KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 483KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 59KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

04:8b:18:52:d3:6e:e8Certificate

Extended Key Usages

Key Usages

Certificate

Key Usages

07Certificate

Key Usages

a0:c0:d8:3b:84:c4:ca:64:97:29:98:b3:ec:bd:b3:b1:0f:0b:0f:7fSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 989KB - Virtual size: 992KB

.rsrc Size: 27KB - Virtual size: 28KB

Headers

File Characteristics

Sections

.text Size: 483KB - Virtual size: 482KB

code Size: 340KB - Virtual size: 339KB

.data Size: 11KB - Virtual size: 11KB

data Size: 1.4MB - Virtual size: 1.4MB

.rdata Size: 122KB - Virtual size: 122KB

.bss Size: - Virtual size: 59KB

.idata Size: 13KB - Virtual size: 12KB

.rsrc Size: 26KB - Virtual size: 26KB

04:8b:18:52:d3:6e:e8
Certificate

07
Certificate

a0:c0:d8:3b:84:c4:ca:64:97:29:98:b3:ec:bd:b3:b1:0f:0b:0f:7f
Signer

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 989KB - Virtual size: 992KB

.rsrc
Size: 27KB - Virtual size: 28KB

.text
Size: 483KB - Virtual size: 482KB

code
Size: 340KB - Virtual size: 339KB

.data
Size: 11KB - Virtual size: 11KB

data
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 122KB - Virtual size: 122KB

.bss
Size: - Virtual size: 59KB

.idata
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 26KB - Virtual size: 26KB