306478400652eaf4d3472cdbd46ccf5a_JaffaCakes118

General

Target

306478400652eaf4d3472cdbd46ccf5a_JaffaCakes118
Size

70KB
MD5

306478400652eaf4d3472cdbd46ccf5a
SHA1

ab8e761ec942f79d3b8e2fc7b5789e6ef16f5b81
SHA256

6e777869ed49a326b47ecaa681188733409d532467c6c615e89a6da808658d14
SHA512

e38e4a34200c251505255da3bf34d598e0b8aedf65f4b12927136b311508337ba29a89d5cb2112f79f7b2b000872b2f670bf441e657baf7ce974200de3f8131c
SSDEEP

1536:wcs/+FHdM17JnqH+vpNJDC+RXKEU2kb8rn22FNw0ekwx3NZAt7V0:A+F9MvQ+nJZxKB3b8rnBBPwxOy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
306478400652eaf4d3472cdbd46ccf5a_JaffaCakes118
unpack001/out.upx

Files

306478400652eaf4d3472cdbd46ccf5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RegWrit
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GetAtlD
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uninsta
Size: 4KB - Virtual size: 397B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CloseSy
Size: 4KB - Virtual size: 302B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.InitIns
Size: 4KB - Virtual size: 178B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 284KB

UPX1 Size: 67KB - Virtual size: 68KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 2KB

.RegWrit Size: 4KB - Virtual size: 16B

.GetAtlD Size: 4KB - Virtual size: 2KB

.uninsta Size: 4KB - Virtual size: 397B

.CloseSy Size: 4KB - Virtual size: 302B

.InitIns Size: 4KB - Virtual size: 178B

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 312KB - Virtual size: 309KB

.rsrc Size: 4KB - Virtual size: 968B

UPX0
Size: - Virtual size: 284KB

UPX1
Size: 67KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 2KB

.RegWrit
Size: 4KB - Virtual size: 16B

.GetAtlD
Size: 4KB - Virtual size: 2KB

.uninsta
Size: 4KB - Virtual size: 397B

.CloseSy
Size: 4KB - Virtual size: 302B

.InitIns
Size: 4KB - Virtual size: 178B

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 312KB - Virtual size: 309KB

.rsrc
Size: 4KB - Virtual size: 968B