27ae64279076e077af2b556c5888011e_JaffaCakes118 | Triage

Sharing

General

Target

27ae64279076e077af2b556c5888011e_JaffaCakes118
Size

69KB
MD5

27ae64279076e077af2b556c5888011e
SHA1

b1a4018dcf4d784d9c95e4049140b156138f5c95
SHA256

371d358091e4a358d888f487bac86eda9f5fb976f81ad08be71b36d69b64d842
SHA512

37de2e5765501a88aec4ce2a92f29af844180b6d1897b787023184759c1b6200c500aeb4a1e7ecdd95d5435ab6ba27937454bb071d6edde54e1c2799a5cd1f4e
SSDEEP

1536:PLq1QChOUpbP30CGEWBT/XWDMbXXiWa0fH8R:K7hOU5cCwh/XgMbyWa0e

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27ae64279076e077af2b556c5888011e_JaffaCakes118

Files

27ae64279076e077af2b556c5888011e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 50B - Virtual size: 50B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 50B - Virtual size: 50B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ