b1059784456b5fe804732ce1f2fcfaa0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1059784456b5fe804732ce1f2fcfaa0_JaffaCakes118
Size

1.7MB
MD5

b1059784456b5fe804732ce1f2fcfaa0
SHA1

ba010bfb915f75119e4e6374cf08550d8b41e508
SHA256

879a43469c3de725f352c679665c51f51d8a6b1b039de13ca47672c946a04163
SHA512

574fc11edc16d0a4aee2a47766c5ea62ff5d5288bf7dab69062fb87a867989b461e82a54716898a51fdf7a5f4882401c22a1b4a2845f309beb05a41bd3471965
SSDEEP

49152:9KJdfOdIAykzyxyDwUSJ4C1ccnlPAZwgl:efQJ3UUALlPAZwgl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/201408132222514923/七夕表白.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/201408132222514923/七夕表白.exe
unpack002/out.upx

Files

b1059784456b5fe804732ce1f2fcfaa0_JaffaCakes118
.rar
201408132222514923/Default/Config.ini
201408132222514923/Default/MGH_BG.gif
.gif
201408132222514923/Default/MGH_Default.bmp
201408132222514923/Default/MGH_Focus.bmp
201408132222514923/Default/Music_BG.mp3
201408132222514923/Default/Subtitle.txt
201408132222514923/Default/配置文件修改说明.txt
201408132222514923/七夕表白.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 704KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 566KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 524KB - Virtual size: 523KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用说明.url
极速软件下载.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 704KB

UPX1 Size: 566KB - Virtual size: 568KB

.rsrc Size: 102KB - Virtual size: 104KB

Headers

File Characteristics

Sections

.text Size: 524KB - Virtual size: 523KB

.rdata Size: 344KB - Virtual size: 341KB

.data Size: 80KB - Virtual size: 270KB

.rsrc Size: 120KB - Virtual size: 117KB

UPX0
Size: - Virtual size: 704KB

UPX1
Size: 566KB - Virtual size: 568KB

.rsrc
Size: 102KB - Virtual size: 104KB

.text
Size: 524KB - Virtual size: 523KB

.rdata
Size: 344KB - Virtual size: 341KB

.data
Size: 80KB - Virtual size: 270KB

.rsrc
Size: 120KB - Virtual size: 117KB