4e0ebebf4bd1c14af0562fdd1ef3eb09_JaffaCakes118 | Triage

Sharing

General

Target

4e0ebebf4bd1c14af0562fdd1ef3eb09_JaffaCakes118
Size

77KB
MD5

4e0ebebf4bd1c14af0562fdd1ef3eb09
SHA1

fdb16a4bd0d44422962dd49e6d3a7c49e0532cba
SHA256

d4ffcd751cf2f74c39a0c6e2730a902a737cbefe672038fe2eb142eeb9e142dc
SHA512

b19c2226da9bf85bc0a439713b53b329e20b43392f07b3b6b88f23d5e763ba66227586c4ee1f229d3d4ce9fc493d25d388081095f8ae494690bf35ad10e29451
SSDEEP

1536:JXfLPxCjo9WyQ7f0ItBrydwS9GUwaTXt3lCqepYEyoj:JXTQU5kf0Izyp9GUNt3lCqepL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4e0ebebf4bd1c14af0562fdd1ef3eb09_JaffaCakes118
unpack001/out.upx

Files

4e0ebebf4bd1c14af0562fdd1ef3eb09_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ