27f6dd3de3079476bcff81179549d4d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27f6dd3de3079476bcff81179549d4d8_JaffaCakes118
Size

1.5MB
MD5

27f6dd3de3079476bcff81179549d4d8
SHA1

78eb22876da207869031ab696482af47e47d044c
SHA256

8042ef479a124cb2613610ca0691a55dcab70abdf25e65bed32ba7798d092aff
SHA512

6fff33c9e0b3fdb3e093649d3750658064ac80d0112f44c019fb41015890f1e7c1cd903453a23359fc7f71cf2750dd8bc5627e334e702475df0fa9f64303ad19
SSDEEP

24576:0fZW6j9QhuE31g4bTDlIFOS3yMOeQRwlAQhgvox5lFlIJMcpTlIY7uxdu/6Nq8aH:0x5j+44bTeFOS3yMOJR+A8n5nlIqoTue

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
27f6dd3de3079476bcff81179549d4d8_JaffaCakes118
unpack001/out.upx

Files

27f6dd3de3079476bcff81179549d4d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ