7002050cc7ed1896b9e0ddf26bb7bceb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7002050cc7ed1896b9e0ddf26bb7bceb_JaffaCakes118
Size

42KB
MD5

7002050cc7ed1896b9e0ddf26bb7bceb
SHA1

9ab1c1276b521d97715eac0a463d30c17da0a7b1
SHA256

2e1011030249939f5b75758a8fbfc7168d4b623e10bce8a0b29e17530015e3d0
SHA512

8fd3a7a99ba8e7eb1bb3657d440d6dfc867e4e6444326c8668167e3ff4169ffb68e40a87cc7a1ec5cb3ef811d38589e23ba85f840736205810bd2f5b576b98c3
SSDEEP

768:5UQH+IBLZtcOtEfOF7eMQC4RNxKmG2hZ79n0FxwQ7MTFqqUMk2YniAPIVhNI2Hhk:5Us+uJ6mqxfGAZ7FQxwfTwkVYipNnbg

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Cpukiller.3.v1.0.5.4.Cracked-EXPLOSiON/crack.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Cpukiller.3.v1.0.5.4.Cracked-EXPLOSiON/crack.exe
unpack002/out.upx

Files

7002050cc7ed1896b9e0ddf26bb7bceb_JaffaCakes118
.zip
Cpukiller.3.v1.0.5.4.Cracked-EXPLOSiON/crack.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Cpukiller.3.v1.0.5.4.Cracked-EXPLOSiON/explosion.nfo
Cpukiller.3.v1.0.5.4.Cracked-EXPLOSiON/file_id.diz