422b95ee16e4fcc521fb7e651dc5919b_JaffaCakes118

General

Target

422b95ee16e4fcc521fb7e651dc5919b_JaffaCakes118
Size

2.5MB
MD5

422b95ee16e4fcc521fb7e651dc5919b
SHA1

807b8412f04b292953961e58f0b3bb3e83114231
SHA256

49d3adc5061dd99252a61d67311e3ecd2c9685ccd376c8b76e463a4c7ac8c4a0
SHA512

5df810d07a6fc767c1d4251d4fc68e6e0d460f274db310dfef7dade073b64fb4917eb6eda9e139b6c01c2caca64ecaab0bf7f0822d869e6a945e3bbb183a983c
SSDEEP

49152:tfQ/dwE/gFc3g4cpv3ju8RopbJRG+2IYkPqtVP2d9OdjJY69pMC9TB:WwE/gF+g4A3jvkdROLMqbP2O2s2C9d

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
422b95ee16e4fcc521fb7e651dc5919b_JaffaCakes118
unpack001/out.upx

Files

422b95ee16e4fcc521fb7e651dc5919b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 888KB - Virtual size: 887KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.2MB

UPX1 Size: 2.4MB - Virtual size: 2.4MB

.rsrc Size: 52KB - Virtual size: 56KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3.9MB - Virtual size: 3.9MB

.rodata Size: 1KB - Virtual size: 1KB

.rdata Size: 888KB - Virtual size: 887KB

.data Size: 89KB - Virtual size: 178KB

.rodata Size: 1KB - Virtual size: 1KB

.rsrc Size: 356KB - Virtual size: 356KB

.reloc Size: 152KB - Virtual size: 151KB

UPX0
Size: - Virtual size: 3.2MB

UPX1
Size: 2.4MB - Virtual size: 2.4MB

.rsrc
Size: 52KB - Virtual size: 56KB

.text
Size: 3.9MB - Virtual size: 3.9MB

.rodata
Size: 1KB - Virtual size: 1KB

.rdata
Size: 888KB - Virtual size: 887KB

.data
Size: 89KB - Virtual size: 178KB

.rodata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 356KB - Virtual size: 356KB

.reloc
Size: 152KB - Virtual size: 151KB