336d56de0aa8e26dd63eb5aa87c5bbbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

336d56de0aa8e26dd63eb5aa87c5bbbb_JaffaCakes118
Size

62KB
MD5

336d56de0aa8e26dd63eb5aa87c5bbbb
SHA1

ad15ac82d8530960ed6d97486bc94dec0fbeb408
SHA256

419a4c2af2629a56cfcd4503a6c323b8a082e2131fe3afc98408c95b5f863e3d
SHA512

2658d083cd8e6f71662c2f5327bdb64d6bfbf1cc734012b86fa6dd36cd0697a5200682fd2b245bd89225f540dd87b4d64fa28b6cd4741561c39c3afb85137c19
SSDEEP

1536:yR1Ycz2BtVLEyAO5CbKQQI8r57unXM7Z213zgzRz3z1zG:gYumfEFO5CeQH8r57+68

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
336d56de0aa8e26dd63eb5aa87c5bbbb_JaffaCakes118
unpack001/out.upx

Files

336d56de0aa8e26dd63eb5aa87c5bbbb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ