4244c4227f33faa74d33dba99bd48720_JaffaCakes118

General

Target

4244c4227f33faa74d33dba99bd48720_JaffaCakes118
Size

70KB
MD5

4244c4227f33faa74d33dba99bd48720
SHA1

ad614f4f3cae8733337a0a65ff63c40a92a16613
SHA256

80765c56152927af88ff7969ac77515c3b7bc07f15fc1c5b5a527a2faaf3cae9
SHA512

28a0d46bc7d1a5ce4d2a7242c78c57732a9002b9e0e4dc718fc996f611d2bdddc580e21c2a65021367ad6e5511b24d0ccc9abd04c0598e4fca566ed7237cbec5
SSDEEP

1536:Dcs/+FHdM17JnqH+vpNJDC+RXKEU2kb8rn22FNw0ekwx3NZAt7pi0:1+F9MvQ+nJZxKB3b8rnBBPwxOpr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4244c4227f33faa74d33dba99bd48720_JaffaCakes118
unpack001/out.upx

Files

4244c4227f33faa74d33dba99bd48720_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 284KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RegWrit
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.GetAtlD
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.uninsta
Size: 4KB - Virtual size: 397B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CloseSy
Size: 4KB - Virtual size: 302B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.InitIns
Size: 4KB - Virtual size: 178B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 284KB

UPX1 Size: 67KB - Virtual size: 68KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 2KB

.RegWrit Size: 4KB - Virtual size: 16B

.GetAtlD Size: 4KB - Virtual size: 2KB

.uninsta Size: 4KB - Virtual size: 397B

.CloseSy Size: 4KB - Virtual size: 302B

.InitIns Size: 4KB - Virtual size: 178B

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 312KB - Virtual size: 309KB

.rsrc Size: 4KB - Virtual size: 968B

UPX0
Size: - Virtual size: 284KB

UPX1
Size: 67KB - Virtual size: 68KB

.rsrc
Size: 1KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 2KB

.RegWrit
Size: 4KB - Virtual size: 16B

.GetAtlD
Size: 4KB - Virtual size: 2KB

.uninsta
Size: 4KB - Virtual size: 397B

.CloseSy
Size: 4KB - Virtual size: 302B

.InitIns
Size: 4KB - Virtual size: 178B

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 312KB - Virtual size: 309KB

.rsrc
Size: 4KB - Virtual size: 968B