2d250845d805ebce800c6df11c0a27a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d250845d805ebce800c6df11c0a27a9_JaffaCakes118
Size

484KB
MD5

2d250845d805ebce800c6df11c0a27a9
SHA1

5b3110cb591ae84b523df01eedcad666af7b2eb6
SHA256

e135e4fadf4d137ffad9db7ddbac3032de7d4c29e0fab0f4ec5caf07e970a264
SHA512

8896b00ae24dc8e6d9f33b1c45c17226d52562c2d0ea9eee9268d5376ddbe67c7d1d0eac7b4ba4fce319504a9de589dd272c00053721ea0c8d1ec7fca8a30114
SSDEEP

6144:ZcL1N2bOcdmd13yJqW0vDEy+yDrke4jKpM33Gj4bLIj6BnJQr4rWyvq5owJcJwrQ:uLfPCerN4m/j4AjNr/ckXdZaD0TDAP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2d250845d805ebce800c6df11c0a27a9_JaffaCakes118
unpack001/out.upx

Files

2d250845d805ebce800c6df11c0a27a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ