1b357c87e0a61bfbf994f11235361061_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b357c87e0a61bfbf994f11235361061_JaffaCakes118
Size

760KB
MD5

1b357c87e0a61bfbf994f11235361061
SHA1

4c8e5d5d9eca78588a327cb203d432ef7ed4b4ef
SHA256

281cc3073c77e528200eda9e4353ffee60fc9f390af230d72b7e2138cde876a9
SHA512

0f34cd5bba67b41691a632d1d3d1936e282839edda1dbd9cc555e3d4273f6124c92ea240a2208f063a364303349eb004ed58230351d6396464d996f0b8aa21ae
SSDEEP

3072:/ZsGagTK3ltisDYXFC/TKyPf9jqT9wFLhYMbJKN3lzwasGjF7ibBdh:ibFM+XPf9s9wFLhYMkN3xwJEF+5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b357c87e0a61bfbf994f11235361061_JaffaCakes118

Files

1b357c87e0a61bfbf994f11235361061_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE