768f880c6c575dcf4cf1c68f508fb569_JaffaCakes118 | Triage

Sharing

General

Target

768f880c6c575dcf4cf1c68f508fb569_JaffaCakes118
Size

799KB
MD5

768f880c6c575dcf4cf1c68f508fb569
SHA1

d2db87e4317475905b0e59043f1bf69e826d8ae3
SHA256

330ed900bf6fa4160c175e8494bcc26110e9110af051a526ac86c1857867ac5e
SHA512

96fda9b25ad6ede05652ab540e3177899339f2ad6786940e1f686ca52d0854e17808c4e47475d73b3891dd52f1b86f64be0e36449e4790ef4dd6ed6c70608bc9
SSDEEP

1536:d/vNLZDOy1K9ltdNqNq9NhlmsL1QVgd54vSFHRmQQg254vFu54vTgzQ:d/1L0/9lt2NA3mk1L7pFHAiI9dz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
768f880c6c575dcf4cf1c68f508fb569_JaffaCakes118

Files

768f880c6c575dcf4cf1c68f508fb569_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 480KB - Virtual size: 480KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc0
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 82KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE