71d0937f36008029d7f8a12e473636af_JaffaCakes118 | Triage

Sharing

General

Target

71d0937f36008029d7f8a12e473636af_JaffaCakes118
Size

135KB
MD5

71d0937f36008029d7f8a12e473636af
SHA1

a016ae8dbd418450c42fe338bb7bbb779fb42474
SHA256

38bd7031df6954ac1be015d24971f5f2d185e583e024a482a014ce9f5f070b4b
SHA512

7ab8efbdb6c13c518bdb05a359028d2e4023a1563e81d547caa41569704a082045fc4c4e8e0d6701d9579bee7f93f4670291a3bf2217f3aa936d1366ec2f9013
SSDEEP

3072:oa2DRtmyK6iqqXEa/FlaV8W8xuq1B2NrdTIABbjjPmdbgDX1c3cgy:oaYTK6iq6tlaKTChMABbjjPQbcc3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
71d0937f36008029d7f8a12e473636af_JaffaCakes118
unpack001/out.upx

Files

71d0937f36008029d7f8a12e473636af_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ