3d7f268547ee43f391c83fb0d4af18bc_JaffaCakes118 | Triage

Sharing

General

Target

3d7f268547ee43f391c83fb0d4af18bc_JaffaCakes118
Size

162KB
MD5

3d7f268547ee43f391c83fb0d4af18bc
SHA1

17b87ab4c7752a8ac7117f9f9d4461cbf85f9054
SHA256

5103d072ad0d01705a5cff80884a111b719c15be4b54ad371c5db5204de68e42
SHA512

62cdb5253b5a42de1c09a507dd36467e1c6d3607816a263d26e71d7a26a9cbe7355227e1d5aa8e3d8878b6c7248ca83217fdbed2b1714cef24594bb4b724ccea
SSDEEP

3072:+UM9+yKvPSf+Y2q7iRxhBBMRAqxehkOohYJi3IYUFrZ6:fm+yKHSj74SU1oOJK5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3d7f268547ee43f391c83fb0d4af18bc_JaffaCakes118
unpack001/out.upx

Files

3d7f268547ee43f391c83fb0d4af18bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ