9c56baff23698a900e8427b8bebbc4df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9c56baff23698a900e8427b8bebbc4df_JaffaCakes118
Size

781KB
MD5

9c56baff23698a900e8427b8bebbc4df
SHA1

55414644464aa4c8e59152f9b681a8dbeabf54be
SHA256

78bdd75ef50baa6f1efb448584ad3470196a40166a610185dee1fab3e1c8c661
SHA512

b61832286beb0ad03d300f41d21cb53838945a08d06ef05939d50c6b5be3f65a67df80f1fa47e9cf15f77adb4cd76b975f5021080788b0acc31515bc8aed8118
SSDEEP

12288:N8t53Y/lGdz76D7jUxLGp9nWctenT6uJlbS5TCx:NmjdooYp9F5ux

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9c56baff23698a900e8427b8bebbc4df_JaffaCakes118
unpack001/out.upx

Files

9c56baff23698a900e8427b8bebbc4df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1020KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 354KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 426KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 595KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 665KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ