6894a73e8e5b4a24514f2c660a29a368_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6894a73e8e5b4a24514f2c660a29a368_JaffaCakes118
Size

21KB
MD5

6894a73e8e5b4a24514f2c660a29a368
SHA1

a2a57f0685da3ab2c7d72c296806c82c10665207
SHA256

8a04834d9b961f8fce5622f24a7f8686632ee3c118aa9175af1834bbf01ba8e8
SHA512

b94ca6cc322226c0367d9d848a67e656149278e685b7a1b8260a14de6c0c58dbcb48f5e4ca0e9454b288b6bb7160d5a9f4cc13365a26730d760daf90fb9a6ae5
SSDEEP

384:bKeTsL4+5G7Gm8KPb3mombqKhmYw8cKw24mDBE27jyazwshc5ddDVXpG:u7BAymdPLxmNm1mDBF7jCsiFVX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6894a73e8e5b4a24514f2c660a29a368_JaffaCakes118
unpack001/out.upx

Files

6894a73e8e5b4a24514f2c660a29a368_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RwDat
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE