702bf75055b7b6e9afc9d5d15cbfcb28_JaffaCakes118 | Triage

Sharing

General

Target

702bf75055b7b6e9afc9d5d15cbfcb28_JaffaCakes118
Size

134KB
MD5

702bf75055b7b6e9afc9d5d15cbfcb28
SHA1

331756e968baac41edd9a8173cf5dab149dde3ea
SHA256

b626f42dafc44f7df364481e2db54af0d42cebf16077fad026d7642236d9683f
SHA512

e5ac4821008b035d8f9b16868d79f11c7694c4bff49f1f685c1d24d79e479b0ccdcbc6a9f837681928ade3f702e1725b65d922cf88b39d7bbc3d9558039c3943
SSDEEP

3072:KcFjT07ijhBeVx5ThsJdhX/QVDiHzBTa:zfWieL5Tqd9QB

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
702bf75055b7b6e9afc9d5d15cbfcb28_JaffaCakes118
unpack001/out.upx

Files

702bf75055b7b6e9afc9d5d15cbfcb28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ