84de2a743fcba72111b9cb7fac5bc0b2_JaffaCakes118 | Triage

Sharing

General

Target

84de2a743fcba72111b9cb7fac5bc0b2_JaffaCakes118
Size

148KB
MD5

84de2a743fcba72111b9cb7fac5bc0b2
SHA1

7be33d193f83359f6621fbe17726058f0e5de0f0
SHA256

cd4ea48bdea4b8b545a3980a5a41057f3dc8b445d90262ec7258fa313349caff
SHA512

10820cfd0146e02439e206e652e232f61ff858a2f44d980605b1df3ffdeeaaf8cca3337a1b3508a96d7df3f715db23dcd2c1ca03b3892de192d884d0d3654750
SSDEEP

3072:w4D8+gS8s+QSJj5cCEmgVIiVaeijfnVF5+k3EmVrAMRbR:wP3SsQYiV5VaeGVS0DTr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
84de2a743fcba72111b9cb7fac5bc0b2_JaffaCakes118
unpack001/out.upx

Files

84de2a743fcba72111b9cb7fac5bc0b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 328KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ