65166c86aaba13ef88645adc73cec25c_JaffaCakes118

General

Target

65166c86aaba13ef88645adc73cec25c_JaffaCakes118
Size

746KB
MD5

65166c86aaba13ef88645adc73cec25c
SHA1

0d57c30940cbfaba14c9f11042de7a9bac604234
SHA256

cf2a3fb33c4db924ac92420624025e4e6c6c926a237d6616684f29153cf9591f
SHA512

07cf70686dc5b7c0fba282a0efbd21435d2d26a1b715cb0ceda4a6b58cf287c9cdecaf884dc948e8e4f647f73aeff9238090a14b2ddd31bd15c0c5dc4974dc1a
SSDEEP

12288:62BJ6p91Le4PEMxC7Gy9PF8DS1pHBCyQBni+VUO7gklYqte2aog:lBJEig47GSPzTHBCdVJ/g/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
65166c86aaba13ef88645adc73cec25c_JaffaCakes118
unpack001/out.upx

Files

65166c86aaba13ef88645adc73cec25c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 657KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 891KB - Virtual size: 890KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 360KB

UPX1 Size: 657KB - Virtual size: 660KB

.rsrc Size: 88KB - Virtual size: 88KB

Headers

File Characteristics

Sections

CODE Size: 891KB - Virtual size: 890KB

DATA Size: 5KB - Virtual size: 5KB

BSS Size: - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 90KB - Virtual size: 92KB

UPX0
Size: - Virtual size: 360KB

UPX1
Size: 657KB - Virtual size: 660KB

.rsrc
Size: 88KB - Virtual size: 88KB

CODE
Size: 891KB - Virtual size: 890KB

DATA
Size: 5KB - Virtual size: 5KB

BSS
Size: - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 90KB - Virtual size: 92KB