3dac2e9966d541f0a0a9f47e061e011d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dac2e9966d541f0a0a9f47e061e011d_JaffaCakes118
Size

292KB
MD5

3dac2e9966d541f0a0a9f47e061e011d
SHA1

53372eac033ea358d03b319181e607f5002d776e
SHA256

6d52469778db11ed805dc78f0ffb16788d3e876de119fd7891afbcd052a78071
SHA512

f4b9cecff09cfd1a0ce0b687b82443dc51cb486ef5250414dbac52c91414f0723d44d9d40122c3d415bf0a33d6f395c4a6651ed0fcea5e5ce0486e7178c0eede
SSDEEP

6144:Bk4qmhpRAQsvE9BatbcKgZDBM/eWK3lEc+fNfSPZPQGVJ96m4PFBnt2TX0l:W90AN8LobeDBmz2y6/VJ96B2TX0l

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dac2e9966d541f0a0a9f47e061e011d_JaffaCakes118

Files

3dac2e9966d541f0a0a9f47e061e011d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE