36f9dbf2b3b4045153a5b37020b1c49e_JaffaCakes118

General

Target

36f9dbf2b3b4045153a5b37020b1c49e_JaffaCakes118
Size

15KB
MD5

36f9dbf2b3b4045153a5b37020b1c49e
SHA1

10b8d331844f041808a1bb52331c72e8eb5fcb2b
SHA256

0fa10535009f401320ee107d099f65e0c34ad5c1be39fbc6657e2007c45da365
SHA512

5dfa4f417380c0a8deb0689a0229273db91f3421072f2fb3aee8a57ad982bb5c3b13ec21ddedaada428953a9ecf0fe52a312074f5b73b0aaac2a05190b30f945
SSDEEP

384:zLU/8QeJUc4XNdz9zzlq/nKnWShGeaqrt:nUcedz94/DShb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
36f9dbf2b3b4045153a5b37020b1c49e_JaffaCakes118
unpack001/out.upx

Files

36f9dbf2b3b4045153a5b37020b1c49e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.stab
Size: 1024B - Virtual size: 852B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.stabstr
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 32KB

UPX1 Size: 4KB - Virtual size: 8KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 672B

.rdata Size: 512B - Virtual size: 224B

.bss Size: - Virtual size: 176B

.idata Size: 1024B - Virtual size: 636B

.stab Size: 1024B - Virtual size: 852B

.stabstr Size: 2KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 32KB

UPX1
Size: 4KB - Virtual size: 8KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 672B

.rdata
Size: 512B - Virtual size: 224B

.bss
Size: - Virtual size: 176B

.idata
Size: 1024B - Virtual size: 636B

.stab
Size: 1024B - Virtual size: 852B

.stabstr
Size: 2KB - Virtual size: 2KB