0e0883ec5656ed85ff7101e34f5e29bd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e0883ec5656ed85ff7101e34f5e29bd_JaffaCakes118
Size

183KB
MD5

0e0883ec5656ed85ff7101e34f5e29bd
SHA1

0dd9716209c1a5688eee05901c9e47672f07fce8
SHA256

3ee1118a0e9637628a44292d554a53fb9d3e27649d46dd1c7a5dd06d8509a925
SHA512

ca346de5e1ab38cafc1e8450f4915fac60545c77ce1f746bee8b21a70d8964956306dd4c5c672609b6f7cd31eaa390f094983db3c18cb6d009c571fd5df046d0
SSDEEP

3072:EamFnQYUM6m3SP2sVSdEnfWZN3cbgonk9sX1qalYuhLJNdjQVVTuP5J85Vi9iqVN:Eazq3aipalYuhoao5sQkzuO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0883ec5656ed85ff7101e34f5e29bd_JaffaCakes118

Files

0e0883ec5656ed85ff7101e34f5e29bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

42vab535
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqvrztrg
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ