84198a27a902a5caefb9ae0d73429487_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84198a27a902a5caefb9ae0d73429487_JaffaCakes118
Size

48KB
MD5

84198a27a902a5caefb9ae0d73429487
SHA1

d41066b61fe8ecd7f949a2e94f2fc6b63506221f
SHA256

940b2cd1179683684dbee4aaa4daf7f10c981d854de11635e3e2bfdb11e6be6c
SHA512

b1e94e852d6b0fea3ec04c70e7a42258d8a7fb96ea649d9a4c185bde408adad4f6bd60e861780551f9aae5853f8a1c8bc905be0ffddf2f77500d7efb5a31706e
SSDEEP

768:AmHcj5oCqgTnAoDOhrDCcdO6+LLHl3g0NwDtGLWswWImjTlj0WFe:A2KTn3OAcdO6+Lzl3g0MLswWHjRdFe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
84198a27a902a5caefb9ae0d73429487_JaffaCakes118
unpack001/out.upx

Files

84198a27a902a5caefb9ae0d73429487_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ