2eb84a651edcc5d16f94e7a54bfd844c_JaffaCakes118

General

Target

2eb84a651edcc5d16f94e7a54bfd844c_JaffaCakes118
Size

52KB
MD5

2eb84a651edcc5d16f94e7a54bfd844c
SHA1

817724584643919067a88bdc7465f43a4cef75de
SHA256

ba730bc73a6987a831a9e3ed1b9eb4ea537c66657e53ae667b4ba81dff840d36
SHA512

6f099c0eb46163ccb40b06c14d307410f0eeb1bbce36bee90e0ed87b220f5902541b7383653c385aff4378679b9697d2bb14a1182e598c5b18e9784cd77809f8
SSDEEP

768:TRt54MKekFklvrNYR1W3sZ9Nndxf5WucUHVzfJ13y1ojfTm5WC/gemQD4fG9:lLXKrklTw15dxf4utRr36cVAmQUf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2eb84a651edcc5d16f94e7a54bfd844c_JaffaCakes118
unpack001/out.upx

Files

2eb84a651edcc5d16f94e7a54bfd844c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

DATA
Size: 22KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 6KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 104KB

UPX1 Size: 51KB - Virtual size: 52KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

DATA Size: 22KB - Virtual size: 52KB

BSS Size: 6KB - Virtual size: 25KB

.data Size: 6KB - Virtual size: 22KB

.text Size: 35KB - Virtual size: 34KB

.reloc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 51KB - Virtual size: 52KB

UPX2
Size: 512B - Virtual size: 4KB

DATA
Size: 22KB - Virtual size: 52KB

BSS
Size: 6KB - Virtual size: 25KB

.data
Size: 6KB - Virtual size: 22KB

.text
Size: 35KB - Virtual size: 34KB

.reloc
Size: 1KB - Virtual size: 1KB