2725c33ecb6ed1fc4dbe963c136df5e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2725c33ecb6ed1fc4dbe963c136df5e4_JaffaCakes118
Size

105KB
MD5

2725c33ecb6ed1fc4dbe963c136df5e4
SHA1

168c56c31cf56d37fee2646ffd2065252cfd003f
SHA256

1d461f80ed21be1aa2cfea66dbf5c95e0980b8cefb6a7d9ea740bb435bbc38ef
SHA512

3f8b4eaeba7774be1d96f8b67d829dee1ff64c264e46b6ab939c39d9b9e7242581989f59f5d190ce6eb50217858a7339555bfa13a5158a8ca242524bbe4e7d4b
SSDEEP

1536:4sexVPpEQryKJZ1XUUeaO1RedVykXtcRakg9Jv5Vjem+S6CZvbFwXq:CVPpEDsVeNRedVygtccHXhVjeo6Cxb+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2725c33ecb6ed1fc4dbe963c136df5e4_JaffaCakes118
unpack001/out.upx

Files

2725c33ecb6ed1fc4dbe963c136df5e4_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ