5dab22e5e93eb76809c55b17051cdee8_JaffaCakes118

General

Target

5dab22e5e93eb76809c55b17051cdee8_JaffaCakes118
Size

118KB
MD5

5dab22e5e93eb76809c55b17051cdee8
SHA1

e6c9fa8d54f6b7750e45f01cd653ea593b222144
SHA256

1c9550fab6bfa0c2b098bcb7e23c549800f760652c68d93c4a3174cdbac4ab38
SHA512

a8fff7ed97a784207e99df063e60d1f70d35440b3ed9d1a2a940269c65c4e77ac17d5b9135dadb47540eeb4b211cad48b051cdefb02a737ef46aedf75fe5ce96
SSDEEP

3072:lcJ1VY3KcBwxrafA/ATOLKYN8sS+VnZctyo6gWttJ8uwhwXdp:lcJKBSqOLH9jxtJTd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5dab22e5e93eb76809c55b17051cdee8_JaffaCakes118
unpack001/out.upx

Files

5dab22e5e93eb76809c55b17051cdee8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

wtewtw
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

zxgsgt
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

etweyt
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qtwyre
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tqetyr
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sagtye
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tqewtd
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

tqwetd
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

zgsdgt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dstewt
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 116KB

UPX1 Size: 116KB - Virtual size: 120KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

wtewtw Size: 155KB - Virtual size: 155KB

zxgsgt Size: 3KB - Virtual size: 3KB

etweyt Size: - Virtual size: 6KB

qtwyre Size: 3KB - Virtual size: 3KB

tqetyr Size: - Virtual size: 12B

sagtye Size: 512B - Virtual size: 3KB

tqewtd Size: 11KB - Virtual size: 11KB

tqwetd Size: 5KB - Virtual size: 5KB

zgsdgt Size: 4KB - Virtual size: 4KB

dstewt Size: 8KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 116KB

UPX1
Size: 116KB - Virtual size: 120KB

.rsrc
Size: 1024B - Virtual size: 4KB

wtewtw
Size: 155KB - Virtual size: 155KB

zxgsgt
Size: 3KB - Virtual size: 3KB

etweyt
Size: - Virtual size: 6KB

qtwyre
Size: 3KB - Virtual size: 3KB

tqetyr
Size: - Virtual size: 12B

sagtye
Size: 512B - Virtual size: 3KB

tqewtd
Size: 11KB - Virtual size: 11KB

tqwetd
Size: 5KB - Virtual size: 5KB

zgsdgt
Size: 4KB - Virtual size: 4KB

dstewt
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 8KB