495271bb1d5b668788a91e63fa7efef1_JaffaCakes118 | Triage

Sharing

General

Target

495271bb1d5b668788a91e63fa7efef1_JaffaCakes118
Size

98KB
MD5

495271bb1d5b668788a91e63fa7efef1
SHA1

5d5086506605ed9328ac7ce58bd5c93b8a6dbb7e
SHA256

ffe2684d95213587de92381fac27e1033992a54de43415f5ca79028e8ce7dc22
SHA512

0176ba97cec2508014d99512575b4927dc50e27af699cd7f5957b583494a2898c4a8b624c776a10656136d014cdb1a33ff78bb99b0e3fd297e8dcfb4e1625fa2
SSDEEP

1536:9kVqufuOR6Lq+KF3Hjl2+Q8SrgnYzWi5ZCxBpGeK8LnB6ctJJUS/BHeKrtKKk:9kAoAKF3Dl2+H1YKiOrTcuJH/7roK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
495271bb1d5b668788a91e63fa7efef1_JaffaCakes118
unpack001/out.upx

Files

495271bb1d5b668788a91e63fa7efef1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ