4d580d06b11d2ff2dcf2c41f4c8c30ef_JaffaCakes118 | Triage

Sharing

General

Target

4d580d06b11d2ff2dcf2c41f4c8c30ef_JaffaCakes118
Size

483KB
MD5

4d580d06b11d2ff2dcf2c41f4c8c30ef
SHA1

9a45f9544a4867b67d22f36715ea1a59b325f285
SHA256

03ba14ded678b6252fa6dd4fff63e878fb8bd885dd10c428cc4835ee0b782bda
SHA512

e7d3c9badc8c9e7af6530c0ffad67742c3323b59c7db6722d88f5ba1cdd1a90ec9fa398885ebbfb4bb0311b421e1311c90a3876aa121cfe039cb87e07180ba47
SSDEEP

12288:SrdowI9xV9Htra/6WhCZQ3rMujRGJcYh9GQDqqUq+:Srdo9bdY/fQZE79S6CUq+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4d580d06b11d2ff2dcf2c41f4c8c30ef_JaffaCakes118
unpack001/out.upx

Files

4d580d06b11d2ff2dcf2c41f4c8c30ef_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 540KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 481KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 964KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ