5addd6d26d89f05de4a265dff8a869a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5addd6d26d89f05de4a265dff8a869a9_JaffaCakes118
Size

167KB
MD5

5addd6d26d89f05de4a265dff8a869a9
SHA1

4539472f0724e1da1110d97e983d934bd28447b8
SHA256

c11dc139dca9490e86711dae4f897018b0f6f13fe13d5337cd2c7ccd1f321f4d
SHA512

c0e87add919a28242785879145f0014d57d0761bec8c130b198352274111cd70e363358acccaabe84ad3be2dbfe77a84c6179123e7a7be39b9fe4b5fd5cce8b7
SSDEEP

3072:VNmwcIdCfOcp2B9kaSqPj7qjPjPjPjPjPjPxUPAkIJ:a16E2nT7o77777k

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5addd6d26d89f05de4a265dff8a869a9_JaffaCakes118

Files

5addd6d26d89f05de4a265dff8a869a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dshybva
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PUPX1
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE