429c70c311b1740241d83b79adde656b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

429c70c311b1740241d83b79adde656b_JaffaCakes118
Size

30KB
MD5

429c70c311b1740241d83b79adde656b
SHA1

0e24796803f081ec6ab3a31e551f32b3754b29ce
SHA256

edbb453cc08e8ac79d0c60c0f1ca3803060e8c3a4dd2e2a7b40c50ec3fb0dd46
SHA512

0c1ac8034648cb895e3832915a797cba2d4d04c63b7b84b96a811109501f017ec61efc8ed37943d5d2f72baa1205e09ff189f670a3d4841abd58b0058bd38be5
SSDEEP

768:0woYMIgddEm5bh53EhSt3lScLJOtfq+X30fF:vdKAW/UUWtfq+X30N

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429c70c311b1740241d83b79adde656b_JaffaCakes118

Files

429c70c311b1740241d83b79adde656b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE