2bca61bb59025937bc766cfa0537282b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bca61bb59025937bc766cfa0537282b_JaffaCakes118
Size

266KB
MD5

2bca61bb59025937bc766cfa0537282b
SHA1

d320e92581ba99fc1444de7fd4ce853b8dbac803
SHA256

13fa06c0f509c4adc8b11ce5e6388deacb3a20bcccd2c908b1e9ca3c0696ea11
SHA512

bfb453de81dced4e30bfb97b4d410eb3b7ad66de2d33fc297cc1728922affcff4f1f8aea651366e642a28a6c019fbf7e618e89b8a968eb0ff0814b12f1e2ad01
SSDEEP

6144:ANoqNoShGSi7dL/+aEWdnGFuefSZ+oiVZHOIryGU/B9LD4A8QrV+q:APNoS8jdL/+cdAKZ+9ZuIryGUvj8Qr3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2bca61bb59025937bc766cfa0537282b_JaffaCakes118
unpack001/out.upx

Files

2bca61bb59025937bc766cfa0537282b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ