2de7cc03d163c31e9d9804386bdb31e3_JaffaCakes118

General

Target

2de7cc03d163c31e9d9804386bdb31e3_JaffaCakes118
Size

1011KB
MD5

2de7cc03d163c31e9d9804386bdb31e3
SHA1

7a49f556b73c7f1ceb5de0a44dcbaa2d347a831d
SHA256

8ea94d9da83a4407d833672a40a86d4f5726a82c7eba305a24dceb4d83bb05d4
SHA512

62fa816317f80476ff99ffb8646e853fb0856fc77e10d84aba609de2ae03046f46d66fd1b20d7653beac7a11a03b0acd368179309355ed1ea4f6b0ecf24f203b
SSDEEP

24576:BeEFwFlBFM+AwpRH0eMn8nhzP3x6Jgxu6M3fFdQXfX:BeEcGwnXS85P5Hf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/EditServer.exe	upx
static1/unpack001/SubSeven.exe	upx
static1/unpack001/server.exe	upx

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EditServer.exe
unpack001/SubSeven.exe
unpack001/server.exe

Files

2de7cc03d163c31e9d9804386bdb31e3_JaffaCakes118
.zip
EditServer.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 900KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SubSeven.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 403KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
server.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 912KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 316KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 900KB

UPX1 Size: 8KB - Virtual size: 8KB

UPX2 Size: 4KB - Virtual size: 4KB

UPX3 Size: 283KB - Virtual size: 284KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.3MB

UPX1 Size: 10KB - Virtual size: 12KB

UPX2 Size: 4KB - Virtual size: 4KB

UPX3 Size: 403KB - Virtual size: 404KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 912KB

UPX1 Size: 7KB - Virtual size: 8KB

UPX2 Size: 4KB - Virtual size: 4KB

UPX3 Size: 316KB - Virtual size: 320KB

UPX0
Size: - Virtual size: 900KB

UPX1
Size: 8KB - Virtual size: 8KB

UPX2
Size: 4KB - Virtual size: 4KB

UPX3
Size: 283KB - Virtual size: 284KB

UPX0
Size: - Virtual size: 1.3MB

UPX1
Size: 10KB - Virtual size: 12KB

UPX2
Size: 4KB - Virtual size: 4KB

UPX3
Size: 403KB - Virtual size: 404KB

UPX0
Size: - Virtual size: 912KB

UPX1
Size: 7KB - Virtual size: 8KB

UPX2
Size: 4KB - Virtual size: 4KB

UPX3
Size: 316KB - Virtual size: 320KB