839cc66823d8239bbfe0392aefb9ace9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

839cc66823d8239bbfe0392aefb9ace9_JaffaCakes118
Size

146KB
MD5

839cc66823d8239bbfe0392aefb9ace9
SHA1

7c2adf8199f3aa950914504c6d86f6d997e0ae1f
SHA256

e866f34f671bbeddf425b380526289965da0d9b8fad183067ba5d2921067f78c
SHA512

8de9e62dd349f6f68406a6478ad642864a018c0b99c0ca60fa1321d5f1bfb195e4cf0549f6b0d62d62dad4f458be52bb0cca76912a2f4e4346d5c33dcfc00acd
SSDEEP

3072:dLeYuefaK9P2FjBXeokd0sYpIlbWf0tx3BdxGoQFejgpZLetdCnaMkl4w:NeYul0uzLUYzqxbfc6o1nTy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
839cc66823d8239bbfe0392aefb9ace9_JaffaCakes118
unpack001/out.upx

Files

839cc66823d8239bbfe0392aefb9ace9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ