3879ee5a099112454f2d5d427c88170d_JaffaCakes118

General

Target

3879ee5a099112454f2d5d427c88170d_JaffaCakes118
Size

1.6MB
MD5

3879ee5a099112454f2d5d427c88170d
SHA1

9be34073721fb0c66583bc38add8ec213be7c89e
SHA256

c2e7374dd42b7aea1ebc16b6bd1dd6fc3eef366c2b466be5bd732a8225db442b
SHA512

c4718614aab3320660bd9acddd3ae158f7b892d80cf6740dceec1e5bd51178f1f69a470c275b21db62c2b750a642bfe30f9aee8e524e77cd7535b6d8d08ca045
SSDEEP

24576:6hIVekxpg2yngRZ/2OtVETDs5MoJsV2LxpI0yA07f5SbBPifiv6rTW:b86g2ynfWVETDwxxpZyA07ficqv6/W

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3879ee5a099112454f2d5d427c88170d_JaffaCakes118
unpack001/out.upx

Files

3879ee5a099112454f2d5d427c88170d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 242KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 506KB - Virtual size: 506KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.8MB

UPX1 Size: 242KB - Virtual size: 244KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

Headers

File Characteristics

Sections

CODE Size: 506KB - Virtual size: 506KB

DATA Size: 9KB - Virtual size: 9KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 35KB - Virtual size: 34KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

UPX0
Size: - Virtual size: 1.8MB

UPX1
Size: 242KB - Virtual size: 244KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

CODE
Size: 506KB - Virtual size: 506KB

DATA
Size: 9KB - Virtual size: 9KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 35KB - Virtual size: 34KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB