08682c86b2b9975836eb59e4efae4edb_JaffaCakes118 | Triage

Sharing

General

Target

08682c86b2b9975836eb59e4efae4edb_JaffaCakes118
Size

44KB
MD5

08682c86b2b9975836eb59e4efae4edb
SHA1

7037af0e7453a7d92f852a79b5a28af8253271ac
SHA256

8853bd539af6238ab7116cb56080065d32c1eea0de44a049a99926395aaa53ca
SHA512

ffdd1cfd37514da854e8ad4e3899359dbca51274ac7396a188ea9379755d9bbe9024050f04d34d5b312ee234046d1d66ffeefe86feb7b27192949eb62ec187b1
SSDEEP

768:x/+NNjJXSoVAAEtbKaz4iSw4kjXB6RIWZXE5zVTwnD+KEDnsXxEVPTd0/Xfy:xSBSoVAA24iSlk8bwhT5FDnsXxEVPTKn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
08682c86b2b9975836eb59e4efae4edb_JaffaCakes118
unpack001/out.upx

Files

08682c86b2b9975836eb59e4efae4edb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE