1bef5e07c79c534a4a7f4054779d8100_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bef5e07c79c534a4a7f4054779d8100_JaffaCakes118
Size

191KB
MD5

1bef5e07c79c534a4a7f4054779d8100
SHA1

0aeab1c6c4bcc2b01258b9fe3c3bda6d0ca8b94a
SHA256

88973a7407f1232af7937b165a719c690525b612998a25cb24c6d7eba50fe067
SHA512

c19267023aaa7fbac562558b1d1eb5af46192213ab52e772b0e818e866ef74b2fa01fd79971046a04cff6e26fdd695efdcbfc8be4b537c9ce99651c93a850b96
SSDEEP

3072:q3pdBnhX8VVTrwtMj4g1S4dCStUFmBs0a859CH1LyQXkArYNp1cQAk90B/iq9:2nWVlciMottHBs0P9WRFkoYj+BKq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1bef5e07c79c534a4a7f4054779d8100_JaffaCakes118
unpack001/out.upx

Files

1bef5e07c79c534a4a7f4054779d8100_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ