757f37fe648b4564c343f1e0fce8f27f_JaffaCakes118 | Triage

Sharing

General

Target

757f37fe648b4564c343f1e0fce8f27f_JaffaCakes118
Size

8KB
MD5

757f37fe648b4564c343f1e0fce8f27f
SHA1

fcf96c78b8476aca7c179eecaa055fd6bdb2c645
SHA256

24e64a43a16b0f3d4cba473f4a8a1ecad4ab42892bd314aa985117d21c30a47a
SHA512

e799157c05f1c00ec3bef0cae5cbd3c8e6cdfab0e00abb2573538e528e4dcfa000695a06076faf2f4aacb9823b7e89cbf308fa54f9d5f8833b8fae1127f446bd
SSDEEP

96:QKOHiF5yFYw55OUABrbuFgkaR0FxMpoESy41ZukzW39pembpvFEJtDInY:ZOH+4nFaCwpoEPkzW36mFvFEcY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
757f37fe648b4564c343f1e0fce8f27f_JaffaCakes118
unpack001/out.upx

Files

757f37fe648b4564c343f1e0fce8f27f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ