07ce1f1aa44caf4669aee65cc73d2bc1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ce1f1aa44caf4669aee65cc73d2bc1_JaffaCakes118
Size

262KB
MD5

07ce1f1aa44caf4669aee65cc73d2bc1
SHA1

e11b419d41582b69c4c7c1d1fa54bb0d2b6de5ce
SHA256

d0e22fd9adfeb2d8b4f35cb89c43571c363981fbffaa4a54c12a545f6199c3a3
SHA512

cfa7bb1daecec2a5411cf89c9f0e90c46731f9369d4e8b9cf410b945776e4c2c807742a329350c4973e558cd70a5d6621cd82116d1811f0fbe7c45f4faf95e39
SSDEEP

6144:jqst8Jh/lXoy21QZANneX0RNnuNlA0oALe77ZmWaJJXd8lHfQZi:3Snd4y24ANTR1mlA0Re77baJ1dOT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
07ce1f1aa44caf4669aee65cc73d2bc1_JaffaCakes118
unpack001/out.upx

Files

07ce1f1aa44caf4669aee65cc73d2bc1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 448KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ