750c9ef55a453c5528d46f2a780c582e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

750c9ef55a453c5528d46f2a780c582e_JaffaCakes118
Size

110KB
MD5

750c9ef55a453c5528d46f2a780c582e
SHA1

c6d3880773e569c610f1de18494a6e207741f00f
SHA256

97e0317fffa50e95c642ae389eefb12f06ef8fbb47befa0348c66eb8e50127f2
SHA512

6f84672803d75a0b05fba44394ab58fd96619e9970026bb526a6072e70c05433a7589b1efaede8e201bf81ebd77de5385756de2797390af470fa53f721a6ecad
SSDEEP

1536:aTqxab/OVlX4ty+r5EmdFAT4AKiUK4M9m7Sp6LWpplD0Vg0hLomY9/:0qxab/ilX4jE4TZSp6KpplgVhyR9/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
750c9ef55a453c5528d46f2a780c582e_JaffaCakes118
unpack001/out.upx

Files

750c9ef55a453c5528d46f2a780c582e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ