085a7ccb8b85d121727d4ac592f3d7f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

085a7ccb8b85d121727d4ac592f3d7f3_JaffaCakes118
Size

5KB
MD5

085a7ccb8b85d121727d4ac592f3d7f3
SHA1

0a4aebe2b61084827bed89bdb60af98845334c91
SHA256

18445935d52eee98face187a262f57cdf97ce64c7b33c75133ee84311f8a34bd
SHA512

811691719cc4be3202b547ae1ef5eb5c72814b4677b2cdf39b2dba04ee053af3ea33d132501a2c0f39deea6ca6b546f80951a7b0d777f901ad8596f6cc945832
SSDEEP

96:I29ldIXNPZEGUUoMls5dcs67GlhXDoVvlIPirM5lt1zzi2/I:pJOPZMUoMe6UzyWPaM76oI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
085a7ccb8b85d121727d4ac592f3d7f3_JaffaCakes118
unpack001/out.upx

Files

085a7ccb8b85d121727d4ac592f3d7f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE