82b006aa0e496983a112a61df57a9677_JaffaCakes118

General

Target

82b006aa0e496983a112a61df57a9677_JaffaCakes118
Size

4KB
MD5

82b006aa0e496983a112a61df57a9677
SHA1

3150fc701f26cf80502857cb2fbfb859c349dd9f
SHA256

1c1b4ad96af649f217a3d56b3d82547f40a775698b7e8bcbc9334cd545bda59f
SHA512

e6fd7ba2d0839223612f446c493b9c33c4a39bd7bb95e965cd1c979f5eb6656a4f4a4dd053edd41007c78fc9e86c74cc6cb5f72b88e7d6b9f53859f03c5b7bda
SSDEEP

96:rM00wpRLON4kU4mw6nFzhO6x+YghpXVyN381X+H1:w00wCN4kU4m/nF9O6lcJVyN38

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
82b006aa0e496983a112a61df57a9677_JaffaCakes118
unpack001/out.upx

Files

82b006aa0e496983a112a61df57a9677_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

crypt
encrypt
setkey

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 106B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 28KB

UPX1 Size: 3KB - Virtual size: 4KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 880B

.bss Size: - Virtual size: 1KB

.edata Size: 512B - Virtual size: 106B

.idata Size: 512B - Virtual size: 464B

.reloc Size: 512B - Virtual size: 180B

UPX0
Size: - Virtual size: 28KB

UPX1
Size: 3KB - Virtual size: 4KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 880B

.bss
Size: - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 106B

.idata
Size: 512B - Virtual size: 464B

.reloc
Size: 512B - Virtual size: 180B