0fe70c925e9916adb3b4ffa7b861b1d5_JaffaCakes118

General

Target

0fe70c925e9916adb3b4ffa7b861b1d5_JaffaCakes118
Size

184KB
MD5

0fe70c925e9916adb3b4ffa7b861b1d5
SHA1

d3700d9f725d2c9d9f41ec52b302384026393ef6
SHA256

2a29e0b683676b6b14eadaba6292551e2dcebf652d728e129d597644c519102a
SHA512

1ae5651878d058d77089ae9542081ad41d9c30a0bf6d23c6fe34ba93d70d57cb35b9e10621226e04bd582b7d65a7f5f0b81f006f31048daa186f64de4eb3e2f3
SSDEEP

3072:jl63wcx0WFqWHLBpbGSzTxvSQXLojnKhXnOcA1b8uva/mT4IsrOxWUS/ADa:jlMwcx5qWH9pKSzNSQX2nXceWQWr+Ko2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0fe70c925e9916adb3b4ffa7b861b1d5_JaffaCakes118
unpack001/out.upx

Files

0fe70c925e9916adb3b4ffa7b861b1d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_UP_SYSTEM_ONLY

Sections

m��j
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�C"�q׍
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

U�O!�jr�
Size: 512B - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

' �l}X�
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��)�X
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�`yԾ��
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 40KB

UPX1 Size: 181KB - Virtual size: 184KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

m��j Size: - Virtual size: 2KB

�C"�q׍ Size: 158KB - Virtual size: 157KB

U�O!�jr� Size: 512B - Virtual size: 3KB

' �l}X� Size: 7KB - Virtual size: 7KB

����)�X Size: 32KB - Virtual size: 31KB

�`yԾ�� Size: 1024B - Virtual size: 832B

UPX0
Size: - Virtual size: 40KB

UPX1
Size: 181KB - Virtual size: 184KB

.rsrc
Size: 1KB - Virtual size: 4KB

m��j
Size: - Virtual size: 2KB

�C"�q׍
Size: 158KB - Virtual size: 157KB

U�O!�jr�
Size: 512B - Virtual size: 3KB

' �l}X�
Size: 7KB - Virtual size: 7KB

��)�X
Size: 32KB - Virtual size: 31KB

�`yԾ��
Size: 1024B - Virtual size: 832B