814a4a51afd5a6fa5cb74a6c46994aa9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

814a4a51afd5a6fa5cb74a6c46994aa9_JaffaCakes118
Size

638KB
MD5

814a4a51afd5a6fa5cb74a6c46994aa9
SHA1

5de89f1995832ac6ca30acb77d4d33e866372c67
SHA256

db450f3c8698a047f26be9e90a3b5433e3cc32240ec8c69b899e95e90cb0af76
SHA512

b52bfbafa4dd089851b7e655525b2b42a85fecb85ebc07db68911193460d16f3326d7c05678f19266eeccce27e4f0fc5a943b8f1d61302777f24ca3b87a410e2
SSDEEP

12288:yMwYaKsernlzxf3m8u6iqXmFZuJvgqq8AGcSTeLmg83+JtOE9QB:yMwYNz7f4hq2y4qqgcWF

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/taobangshou_/taobangshou/手动助手/手动助手.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/taobangshou_/taobangshou/手动助手/手动助手.exe
unpack002/out.upx

Files

814a4a51afd5a6fa5cb74a6c46994aa9_JaffaCakes118
.rar
taobangshou_/9553下载站.url
.url
taobangshou_/taobangshou/手动助手/9553下载站.url
.url
taobangshou_/taobangshou/手动助手/使用更新说明.txt
taobangshou_/taobangshou/手动助手/保存记录.ini
taobangshou_/taobangshou/手动助手/手动助手.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 606KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 359KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 800KB - Virtual size: 799KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
taobangshou_/使用更新说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.2MB

UPX1 Size: 606KB - Virtual size: 608KB

.rsrc Size: 359KB - Virtual size: 360KB

Headers

File Characteristics

Sections

.text Size: 800KB - Virtual size: 799KB

.rdata Size: 396KB - Virtual size: 392KB

.data Size: 68KB - Virtual size: 290KB

.rsrc Size: 364KB - Virtual size: 360KB

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 606KB - Virtual size: 608KB

.rsrc
Size: 359KB - Virtual size: 360KB

.text
Size: 800KB - Virtual size: 799KB

.rdata
Size: 396KB - Virtual size: 392KB

.data
Size: 68KB - Virtual size: 290KB

.rsrc
Size: 364KB - Virtual size: 360KB