07496066aa48d31578919b9d4223ec69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07496066aa48d31578919b9d4223ec69_JaffaCakes118
Size

192KB
MD5

07496066aa48d31578919b9d4223ec69
SHA1

f485476f569c94367eb2f47bcb87948a5a234ae8
SHA256

b05d2ddfd248723c9c6fc75b25b798cd145f3b6e07495a03ecb30e0a30ee0214
SHA512

2d99f92d7feee21204b33f6d92d18606a27a8f1e13eea294ce67141cb512418b38c76d282398e9c28e26f508d428f03368eceac69657eb0756d140b516596eac
SSDEEP

3072:DyTZR1rxm4AM5gmS4JqNkg/SRo9GU3da41qAWXN3RiM2GPkPfgOTX2Nz4kvelm4z:DyTL1Vm0bJqzbLDqAINtMPfgOekNlcl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
07496066aa48d31578919b9d4223ec69_JaffaCakes118
unpack001/out.upx

Files

07496066aa48d31578919b9d4223ec69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 35.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 35.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_MEM_READ