6adbfec8deddb001e0fd8f0bea8173a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6adbfec8deddb001e0fd8f0bea8173a4_JaffaCakes118
Size

1010KB
MD5

6adbfec8deddb001e0fd8f0bea8173a4
SHA1

73bb2b273cd06f5563efd5cb92d29f75d75ed651
SHA256

36d95299a2b617b9601de975bd30a3a4e9db6439c75249fb36a30c3c763eca7d
SHA512

d870f859ac92d76a8295864199bc7777c3cb7aa84fea501171bdbc2c99056601e91a0d6ebdf2993563be4f4e904267e58663ec482fb6969ecc41e5647fbee64c
SSDEEP

24576:s0J8LUI5X6L7u6LU9QKvhDabvT34cyD1z1m2spUP7H4Gve5wCo:gL/qf3UOwhmbvT34ci1z1m2sSP7HNvm

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6adbfec8deddb001e0fd8f0bea8173a4_JaffaCakes118
unpack001/out.upx

Files

6adbfec8deddb001e0fd8f0bea8173a4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1006KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 278KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE