382e4c99ad72f9747841b8208b455611_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

382e4c99ad72f9747841b8208b455611_JaffaCakes118
Size

2.7MB
MD5

382e4c99ad72f9747841b8208b455611
SHA1

4b2d5079f6767f912ebda15a9173289d54819357
SHA256

19651adfc739409651b1db9c1cc3107ddb3d7024721b41e54a0d8c441ba76d5b
SHA512

b704023e684b1e08e35e8e090d93bcd0e78500237603a8eac768bce3261491ed7bdb62ef78b4db19fbfe076e4173f06137081c83aff00ae2c6fb555070d4c0ac
SSDEEP

49152:a+Wdlwd5OWRWZ94oBaT8FU9RzPlmY7ey+gV0QEOJ0EzwXYA4TPMy7wsbmKwZQcIi:HmWdn7bzPlmQSBQEn7XYAMMcws6KtIl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Windows 7 Loader 2.2.1/Windows Loader v2.2.1/Windows Loader.exe	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Windows 7 Loader 2.2.1/Windows Loader v2.2.1/Windows Loader.exe

Files

382e4c99ad72f9747841b8208b455611_JaffaCakes118
.zip
Windows 7 Loader 2.2.1/1.bmp
Windows 7 Loader 2.2.1/2.bmp
Windows 7 Loader 2.2.1/3.bmp
Windows 7 Loader 2.2.1/New-BuilD.info.url
.url
Windows 7 Loader 2.2.1/Windows Loader v2.2.1/Keys.ini
Windows 7 Loader 2.2.1/Windows Loader v2.2.1/Read me.txt
Windows 7 Loader 2.2.1/Windows Loader v2.2.1/Windows Loader.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 577KB - Virtual size: 580KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Windows 7 Loader 2.2.1/Windows Loader v2.2.1/checksums.md5
Windows 7 Loader 2.2.1/ ⥪⮢ 㬥.txt
profismart.txt