60d0fbe90131e5dae8230a85deb98703_JaffaCakes118 | Triage

Sharing

General

Target

60d0fbe90131e5dae8230a85deb98703_JaffaCakes118
Size

132KB
MD5

60d0fbe90131e5dae8230a85deb98703
SHA1

8bc061f008dff9cbefef2c43cd82eba7520f8fa9
SHA256

c8d8c77fffbd48138c0f555610b41ba3fa15627d0f586950b8ff983a50787a70
SHA512

b4f6285bf463313e2f7857f0d6ff672ab76fc742c3ed1db0ab64a80a35d74e6f006ba55f37c1b82ff7f4419172bd5a40052cd755dd5427b7cfb6c03448f34c63
SSDEEP

3072:57yS/4QpOELEK9ETXCXe4djcYTGA0R3O8jut2gYn76bf:57TPgKcXCXe4JBCO8jut2gYW

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
60d0fbe90131e5dae8230a85deb98703_JaffaCakes118
unpack001/out.upx

Files

60d0fbe90131e5dae8230a85deb98703_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ