177a557132b912bdee265be96a171f26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

177a557132b912bdee265be96a171f26_JaffaCakes118
Size

259KB
MD5

177a557132b912bdee265be96a171f26
SHA1

407dd6e7fc0a4306248ef025a17b66c68c8bc664
SHA256

739fa2493c9f69c6f3b1048b0e74c97722f0d89f4bc3d1fa2cb8c28cd8191a0b
SHA512

895b3866b0ee703ea728c57b89028f01c13cb841dc3625bb03c3d3c56c3abdba72a07c1a2f4727c964d42e0d0a05ed62bd85822af1150b5a1347991c3b7438ce
SSDEEP

6144:OprVmyo+LZGj0Ay2KNBu8PqP+Qs0txR8DqlAqfID:8mBCd1/j0D6m/f

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
177a557132b912bdee265be96a171f26_JaffaCakes118

Files

177a557132b912bdee265be96a171f26_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 512B - Virtual size: 196KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE