5f69dc2cf360e3fce3e484426cb2b318_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f69dc2cf360e3fce3e484426cb2b318_JaffaCakes118
Size

111KB
MD5

5f69dc2cf360e3fce3e484426cb2b318
SHA1

7d343a9ea85737151629019942f806cad1db8314
SHA256

41a5b52c5f35dea301f5c12091e52dbdadcf0413a3cac9a3abe5316858c23c56
SHA512

3756a674210c847595590a93e6c9f9db09a9909980154c884a12cd57776868206fe99776675e510875e60a0996421db312ea0858a1ca27d8ed25f6e480ce11ec
SSDEEP

1536:XLPLSjF6lxvPpRNBuLMk4JK72PM23eXEjzlST5adQZACwf6pm7Zv:zLSIlFPp/BqyJQ2PNegl2giZAC06Q7l

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5f69dc2cf360e3fce3e484426cb2b318_JaffaCakes118
unpack001/out.upx

Files

5f69dc2cf360e3fce3e484426cb2b318_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ