2aca7fa7e38b30a8d2fb8d5e74584cd3_JaffaCakes118 | Triage

Sharing

General

Target

2aca7fa7e38b30a8d2fb8d5e74584cd3_JaffaCakes118
Size

126KB
MD5

2aca7fa7e38b30a8d2fb8d5e74584cd3
SHA1

b0240f45eb2c24ca1216cb4310137da3dcfa60dd
SHA256

4a078aa22883fd7abe7a4445e9fb7600eb70e1c90797b3e8ff60908e01312e62
SHA512

d2ec4e9dd10b4e886d8edb140238af5a767713d3efe45e050198d96b4f7ddcb94a01ac188ce3389bdaf4dcc0edfbdb1f824cb1ec644cf973fe5fe364f790a2e8
SSDEEP

3072:Gpj+PN+aWBxIYQ/bMgmJbr80k65rkv7QWIBbdqDx1g:Gx+PMa2qnogi80k65rkvOBbdqD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2aca7fa7e38b30a8d2fb8d5e74584cd3_JaffaCakes118
unpack001/out.upx

Files

2aca7fa7e38b30a8d2fb8d5e74584cd3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 118KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ