63b5e7846a9be64a83604a6d7f141e1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63b5e7846a9be64a83604a6d7f141e1f_JaffaCakes118
Size

179KB
MD5

63b5e7846a9be64a83604a6d7f141e1f
SHA1

15cf291dbde24472c5107f09b9f6162c6219c6ca
SHA256

163582cf7f97112f1f40a4e8f274c1fbef99a3c9f39f0c287bdee0ff452fdfe8
SHA512

afaa04c3194d1c2ac133604e865cef7c7140a838814276160584301bb10070f7891849b7bad001c7838fd92bfbd98201d26416989410e0cfc3ad35757cb3fe4b
SSDEEP

3072:F9d8W3KWJIXBPsed2eWPqAc2KPivuBlj4L+oA/J6MJJGZtQd7qcyc+v:/yW3RmB5jSc1xlk+oAbJJQQd7Hyc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
63b5e7846a9be64a83604a6d7f141e1f_JaffaCakes118
unpack001/out.upx

Files

63b5e7846a9be64a83604a6d7f141e1f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 35.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 35.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_MEM_READ