3d54ba61be914f5e5bbc04fec6533827_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d54ba61be914f5e5bbc04fec6533827_JaffaCakes118
Size

375KB
MD5

3d54ba61be914f5e5bbc04fec6533827
SHA1

fef338bfc2865c6c84f05d211223e777c85b6e5f
SHA256

53f4adaa0c28a3717ea051a3f1a85d44c79cb3203cc1e490848d247f26b8efff
SHA512

007652f22669afe57ac3a7f959b28a814df5ed6e5c8c0b17d553607d1450f18d4f2b47c795a08a25c194b6b61d53044056bf134b33cf3b1ad9ad4a380b31fa48
SSDEEP

6144:2IoDs8QVQ26/2sIVTASI+MrAblhHOIjBtoWMqlfe4Ig+EW5p5tsrkIr+UPCOK20n:2IoDsL6e7TQDk/MsIh5ftsrkmFKK0Csn

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3d54ba61be914f5e5bbc04fec6533827_JaffaCakes118
unpack001/out.upx

Files

3d54ba61be914f5e5bbc04fec6533827_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 708KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 328KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 732KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ