1b6b1cda25f657f3ae3dcb0aca5e07f6_JaffaCakes118 | Triage

Sharing

General

Target

1b6b1cda25f657f3ae3dcb0aca5e07f6_JaffaCakes118
Size

1.5MB
MD5

1b6b1cda25f657f3ae3dcb0aca5e07f6
SHA1

e279a2154d1ea9e6f2c35bc3435494c739a4a543
SHA256

f310b1f48876344f34df2da2875c312caf3bc12077fe00f3ad0facd084c71549
SHA512

b31d81bac1051bae55fa37291505169859ce8c7691d702ffe40d79393e21247da269415994161198a12524976c83b881233375a31e735dff22524e5a274dd56e
SSDEEP

24576:m8HU5jZMhfO0agw5meuR4gNZcER74AcVvVENGSg46Jcn:m8Hw01agw5i4PEaF46Jcn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

1b6b1cda25f657f3ae3dcb0aca5e07f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

78:e1:dd:e6:66:d1:24:e2:7a:76:2f:c4:3d:9f:dc:44:dd:43:4e:60
Signer

Actual PE Digest

78:e1:dd:e6:66:d1:24:e2:7a:76:2f:c4:3d:9f:dc:44:dd:43:4e:60

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE