098334b0b99179cbea6fa73b66debdaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

098334b0b99179cbea6fa73b66debdaa_JaffaCakes118
Size

164KB
MD5

098334b0b99179cbea6fa73b66debdaa
SHA1

0d214b8ba8c4f38790b1d6da37cbf1ccc4723d98
SHA256

2076f129d17b0bda3b8f131e7e1a5bf048b0b067e5a91c82fe9ba3d5fc70df3e
SHA512

b0c7491f760899e583ea262aa8032cd506d0b3f8f7bb0f80ec869e328d123829cc9470d1403677f827eb07956e7ee9bbe23f70fbe94eab4d044b31a174e483ca
SSDEEP

3072:2k2CUCMxp6C2upt7rfFsiYfkyh713UQ0oXhP9dphCjOKAkndP+2eN:v2CfS6XeF0fhZ3UQ04ZhiOanUdN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
098334b0b99179cbea6fa73b66debdaa_JaffaCakes118
unpack001/out.upx

Files

098334b0b99179cbea6fa73b66debdaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ