2d33e4dcfc4149811decd7041fad9f61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d33e4dcfc4149811decd7041fad9f61_JaffaCakes118
Size

126KB
MD5

2d33e4dcfc4149811decd7041fad9f61
SHA1

5198e0ccff99ca9b650b107d16cbcb1cbe6b96f3
SHA256

ff2e4a19174e986483fe31f8a194d28fecd046bee9206fd9fda07c31a730da97
SHA512

f9e9ef41deab93db35e8403b361e693cba6c7230af0ffff5197741587cfc0169ec69c0d933a6446678017c395e4e6363f933acd70af852784989a72559ab30ce
SSDEEP

3072:3MRxK5QECG+g5djhcdAPK9bUfgUZlNi10dQfDt:3IxIQq+mcCK9b4gIlN3d

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d33e4dcfc4149811decd7041fad9f61_JaffaCakes118

Files

2d33e4dcfc4149811decd7041fad9f61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c2d3c56017ffc9f272aae4a4d190dcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

Sections

UPX!
Size: 84KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX!
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX!
Size: 20KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX!
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX!
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX!
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE