469c0ab22294610728f1aec8182cb4dc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

469c0ab22294610728f1aec8182cb4dc_JaffaCakes118
Size

75KB
MD5

469c0ab22294610728f1aec8182cb4dc
SHA1

94619a1727fd405e0f676c2b52fbdeb780d7107f
SHA256

f0636d33f7193131fe9d2f3e46187f4be2072025514d6d99d7d152e2b67b511d
SHA512

f86e8d59726bb56f08fdfef96d829afdda250db245da52bdf282c2aba731eb35dabbe962460fe6291f67dcb87fe1bd2e24bb58b1de04aa14908181016ebf9724
SSDEEP

1536:83TMb1FpPtMNBdYjCpl1fnouy8Jz/aFQwXsoFCw:keLpPtyb1PoutpyFQIsaCw

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Files

469c0ab22294610728f1aec8182cb4dc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

3d:6e:51:bc:a5:fe:56:4a:b5:85:8e:f3:99:6e:f8:a0
Certificate

Issuer

CN=NullpoActivatorCA,OU=NullpoActivatorCA,O=NullpoActivatorCA,C=JP,1.2.840.113549.1.9.1=#0c1a6e756c6c706f6163742e697661746f7240676d61696c2e636f6d

Not Before

08-08-2011 09:31

Not After

31-12-2039 23:59

Subject

CN=NullpoActivator,OU=NullpoActivatorCA,O=NullpoActivator,C=JP,1.2.840.113549.1.9.1=#0c1a6e756c6c706f6163742e697661746f7240676d61696c2e636f6d

5f:98:f0:a6:2c:f4:1e:bb:40:df:09:3c:d0:8e:e5:87
Certificate

Issuer

CN=NullpoActivatorCA,OU=NullpoActivatorCA,O=NullpoActivatorCA,C=JP,1.2.840.113549.1.9.1=#0c1a6e756c6c706f6163742e697661746f7240676d61696c2e636f6d

Not Before

08-08-2011 09:31

Not After

31-12-2039 23:59

Subject

CN=NullpoActivatorCA,OU=NullpoActivatorCA,O=NullpoActivatorCA,C=JP,1.2.840.113549.1.9.1=#0c1a6e756c6c706f6163742e697661746f7240676d61696c2e636f6d

2f:b3:b2:66:a9:5e:ef:b3:e3:4c:5b:af:45:cc:d8:e5:89:a1:92:1d
Signer

Actual PE Digest

2f:b3:b2:66:a9:5e:ef:b3:e3:4c:5b:af:45:cc:d8:e5:89:a1:92:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 152KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

3d:6e:51:bc:a5:fe:56:4a:b5:85:8e:f3:99:6e:f8:a0Certificate

5f:98:f0:a6:2c:f4:1e:bb:40:df:09:3c:d0:8e:e5:87Certificate

2f:b3:b2:66:a9:5e:ef:b3:e3:4c:5b:af:45:cc:d8:e5:89:a1:92:1dSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 152KB

UPX1 Size: 36KB - Virtual size: 40KB

.rsrc Size: 36KB - Virtual size: 40KB

3d:6e:51:bc:a5:fe:56:4a:b5:85:8e:f3:99:6e:f8:a0
Certificate

5f:98:f0:a6:2c:f4:1e:bb:40:df:09:3c:d0:8e:e5:87
Certificate

2f:b3:b2:66:a9:5e:ef:b3:e3:4c:5b:af:45:cc:d8:e5:89:a1:92:1d
Signer

UPX0
Size: - Virtual size: 152KB

UPX1
Size: 36KB - Virtual size: 40KB

.rsrc
Size: 36KB - Virtual size: 40KB