7149ee4d2e46b519eee1d64d5201079c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7149ee4d2e46b519eee1d64d5201079c_JaffaCakes118
Size

67KB
MD5

7149ee4d2e46b519eee1d64d5201079c
SHA1

292302116b382195895ea0ad25c1bc2a19a66367
SHA256

6a7aa01832889defa7fcf8e4e95d383ce352725e90361c338dcdc6c705c5fcbc
SHA512

2b04c3815409a073d79ef21436b4d710038dc6d691dc69cc60730ab12c6c969606a3fd411d9e8b04b7607090d901135a1dc37acd8586e1f3ca797d5a6dacc01c
SSDEEP

1536:pEu8yh1JHh+zd7k7KQLy3fguP4XWURyt0c1no:p9Nh+RA7KynWUw0c1o

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7149ee4d2e46b519eee1d64d5201079c_JaffaCakes118

Files

7149ee4d2e46b519eee1d64d5201079c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6a80d4073304c34d4f6101bb0999883e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA
MessageBeep

Sections

UPX0
Size: 58KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.clab
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ