4bc496659b17b33bb0e0be49c56e6ecc_JaffaCakes118 | Triage

Sharing

General

Target

4bc496659b17b33bb0e0be49c56e6ecc_JaffaCakes118
Size

74KB
MD5

4bc496659b17b33bb0e0be49c56e6ecc
SHA1

78f16e6207ef21439819febeb93b15df7f626d78
SHA256

c202f72eade08303019f8ff1c76ec933eda0a0a89d987ae1d0031d021096a388
SHA512

b7d919cb655f9e8997280f7ecc28d2482099cb094e88f868258ebec6f0a3922b29f575f5605ec66fbab15701f36358aa426ee2e52a2d5c3223fc8a5a6b3c5c99
SSDEEP

1536:QOkwvPKCD+W6WlFe/iw8k88er1t109DOb2u/Gi/PoJpK:QQvPNB6iXH1z09Dqh/vE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4bc496659b17b33bb0e0be49c56e6ecc_JaffaCakes118
unpack001/out.upx

Files

4bc496659b17b33bb0e0be49c56e6ecc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ