252f5e45a3ab1e6c5ee953f5fd9b53d8_JaffaCakes118

General

Target

252f5e45a3ab1e6c5ee953f5fd9b53d8_JaffaCakes118
Size

84KB
MD5

252f5e45a3ab1e6c5ee953f5fd9b53d8
SHA1

a6b5061350f4bde16a69eabe5234b351292b45cb
SHA256

3ad971525014a160c0ebe0798286f885a2b7de5376d983f7216765dd718b08cb
SHA512

a6e0edb7724cb3692a613df5d764936015e57b0f12618473a22b955c4880018abad53ae458c01d98a8506188ada017e0279c7b51c339ca4f07d289d794de1337
SSDEEP

1536:pW38ICelH9ZojE5xUPbm1aZDz9g0cQobpN0yQrcdTKEZITZp2gvV0RKAlK:pIDV5uPbbng0OFvQ0TwT2guRKr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
252f5e45a3ab1e6c5ee953f5fd9b53d8_JaffaCakes118
unpack001/out.upx

Files

252f5e45a3ab1e6c5ee953f5fd9b53d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.da226
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.da863
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.da485
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.da377
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.da487
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.da827
Size: 128KB - Virtual size: 384KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 2.4MB

UPX1 Size: 80KB - Virtual size: 80KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 16KB - Virtual size: 20KB

.rdata Size: 140KB - Virtual size: 140KB

.data Size: 3KB - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 12KB

.da226 Size: 128KB - Virtual size: 384KB

.da863 Size: 128KB - Virtual size: 384KB

.da485 Size: 128KB - Virtual size: 384KB

.da377 Size: 128KB - Virtual size: 384KB

.da487 Size: 128KB - Virtual size: 384KB

.da827 Size: 128KB - Virtual size: 384KB

.rsrc Size: 7KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 2.4MB

UPX1
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 20KB

.rdata
Size: 140KB - Virtual size: 140KB

.data
Size: 3KB - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 12KB

.da226
Size: 128KB - Virtual size: 384KB

.da863
Size: 128KB - Virtual size: 384KB

.da485
Size: 128KB - Virtual size: 384KB

.da377
Size: 128KB - Virtual size: 384KB

.da487
Size: 128KB - Virtual size: 384KB

.da827
Size: 128KB - Virtual size: 384KB

.rsrc
Size: 7KB - Virtual size: 8KB