0f71889cb3f3d62e6c3947e86a1bcc45_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f71889cb3f3d62e6c3947e86a1bcc45_JaffaCakes118
Size

181KB
MD5

0f71889cb3f3d62e6c3947e86a1bcc45
SHA1

4dbf3d77c86fcfce24c4de07a0894d7830aa1c8f
SHA256

32f8145574a0131383399ccdf6a17beb1a1e09c976a30644ba43f478d429ca2f
SHA512

51358fbf315e5ec444119f8c034cc94a5a728152fb9fad6d56ea5bbfd4b9e0cf5880a4df30bfaee8eb65aec4a1cafc7dc7188e49259bb428f5b9599d013ae9e3
SSDEEP

3072:vjr5ELbGnzi+aoiIY15IwsouLayy4Pkpp+xHx3HZGCzRjNj:BhXaN1xsfcsgpcRpJVjNj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f71889cb3f3d62e6c3947e86a1bcc45_JaffaCakes118

Files

0f71889cb3f3d62e6c3947e86a1bcc45_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 51KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE