33f189e1f7d2bb30e3af566d1a0d3c8b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33f189e1f7d2bb30e3af566d1a0d3c8b_JaffaCakes118
Size

86KB
MD5

33f189e1f7d2bb30e3af566d1a0d3c8b
SHA1

48cdc01a3f9cb2ec6b171c8cd224f656b21581c2
SHA256

016e288e84b130c594216c2ff4f7b95d4e9338e31f8a5474639bd1a7be45452f
SHA512

61fedb6ce26de93b19b2271a55427a20d1b1efe70efedf34803b19f24faff0ac03299a832a74a7c6d8e600e4ade567a8b7615cdf28169be03d418c6b1f70a36b
SSDEEP

1536:jdTcIWFvq7UGtO2+fOYKjJrDMPBqrFTccJvyK+Z3th:N0vq7U6mGxJrYcFTaK+Nth

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
33f189e1f7d2bb30e3af566d1a0d3c8b_JaffaCakes118
unpack001/out.upx

Files

33f189e1f7d2bb30e3af566d1a0d3c8b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ