66bc793a49492d3f32f247ee1d9e4d03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66bc793a49492d3f32f247ee1d9e4d03_JaffaCakes118
Size

194KB
MD5

66bc793a49492d3f32f247ee1d9e4d03
SHA1

f5368ec1e78b2624969142ab21f9d17b5b0f6cb2
SHA256

92c9bfe249d79fce1a1c2bd965ae3a0cec55c95ffe4cb048e3570a2b924e3b13
SHA512

c0e18286a6f5b09f4584dbe559fa24458ceedb623c1c1ea164024a5e9a72e8a8d48d3d9d96118ebdda845514ea61304e72e710e70c36f5fc1e344a30637ead9d
SSDEEP

6144:XpvhyrraeWDcOQGee5pXKMa8QwNI3+P15QAa:ZvaWDI8pJaxwNI3+P15QN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
66bc793a49492d3f32f247ee1d9e4d03_JaffaCakes118
unpack001/out.upx

Files

66bc793a49492d3f32f247ee1d9e4d03_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 538B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imports
Size: 810B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: 330B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

resource
Size: 520B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ