01bdd6f532b9bd9a7162fe07325a6c18_JaffaCakes118

General

Target

01bdd6f532b9bd9a7162fe07325a6c18_JaffaCakes118
Size

567KB
MD5

01bdd6f532b9bd9a7162fe07325a6c18
SHA1

c09560fa851fdc83e8ff8f7e1d7cd22e3e64a20c
SHA256

a198beb0ec40b45095b376a090d0536223563a2242cd3eca123129f43c0f61e9
SHA512

afb6b71c90b826558a7634a7cd51eb630cfeb5a77276c830d6a633d819e9f2a46d00f432486fdfa025cb7f24a4432ad9ab8929624ef23b355c53bcb2c00d5edc
SSDEEP

6144:RUzWiEa+23SyKUmI9ni55QizAmXKYyULl6mccfY94oJ9GALKcx0bl90uttjrALnR:RUaRk3b1iMiz3X56ua4oJQAvfdcMNJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
01bdd6f532b9bd9a7162fe07325a6c18_JaffaCakes118
unpack001/out.upx

Files

01bdd6f532b9bd9a7162fe07325a6c18_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 467KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

DATA
Size: 342KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.3MB

UPX1 Size: 467KB - Virtual size: 468KB

.rsrc Size: 98KB - Virtual size: 100KB

Headers

File Characteristics

Sections

DATA Size: 342KB - Virtual size: 1.4MB

CODE Size: 169KB - Virtual size: 168KB

BSS Size: - Virtual size: 5KB

.idata Size: 6KB - Virtual size: 6KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.rsrc Size: 98KB - Virtual size: 100KB

UPX0
Size: - Virtual size: 1.3MB

UPX1
Size: 467KB - Virtual size: 468KB

.rsrc
Size: 98KB - Virtual size: 100KB

DATA
Size: 342KB - Virtual size: 1.4MB

CODE
Size: 169KB - Virtual size: 168KB

BSS
Size: - Virtual size: 5KB

.idata
Size: 6KB - Virtual size: 6KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 98KB - Virtual size: 100KB