687414bc735030cf270bb2a376d23162_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

687414bc735030cf270bb2a376d23162_JaffaCakes118
Size

335KB
MD5

687414bc735030cf270bb2a376d23162
SHA1

b6b661b52625b26b23afab5b60adac2b934b6892
SHA256

085f35dde8e0446cc83ae8c7a04b63f831b63567408c8ae077a826ee74bf45ec
SHA512

0cfccfc924aaf4b8e6fec76190b8888f41103874d426fff19763d07161535348a9daeba6ea6d93fac28325f3b2b79f6e009c1bf0e65c749347806afae87b0488
SSDEEP

6144:pK4fTRRFE2juocbXYmKNDDXpe1S00k2oaPWnp72zRoPh8WWkL6tdYGM:pDfGbXYmGPQ1eoaWc1Pqh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
687414bc735030cf270bb2a376d23162_JaffaCakes118
unpack001/out.upx

Files

687414bc735030cf270bb2a376d23162_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 584KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 527KB - Virtual size: 527KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ