bd7cb1f2f35632f3ca85dcbbeea3f3cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd7cb1f2f35632f3ca85dcbbeea3f3cd_JaffaCakes118
Size

853KB
MD5

bd7cb1f2f35632f3ca85dcbbeea3f3cd
SHA1

9a04689eb9beaf3b77917b4d265d5fb6d56bfa39
SHA256

72a08855e04660ea7ffb1073c425a0b832e3f4371e4c195703037fc3bb1cbef5
SHA512

66282a9de64ff76024ff4a397023c10bfda719eae0b66b56c9fc590d2fef6f173e2269776c5556446f3133a6d257175286c69adedf9f3b4ba7518c6ea2e6c57b
SSDEEP

12288:Df2y8Fvawox88zZe/kqpmMU/pvOa4/aYfjURfB2uVUXK77INL5GqIN08w8qQM2lR:z219ox8hosSsUR52mkNLnx84wdtLZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bd7cb1f2f35632f3ca85dcbbeea3f3cd_JaffaCakes118
unpack001/out.upx

Files

bd7cb1f2f35632f3ca85dcbbeea3f3cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 725KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 558KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ