857f248e6a57efc76836ecc736f59237_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

857f248e6a57efc76836ecc736f59237_JaffaCakes118
Size

12KB
MD5

857f248e6a57efc76836ecc736f59237
SHA1

3af970ac174cdc75c1a3b70bd246b0e505f0c115
SHA256

033e67011c0b03f43017293a81dd7192ed88a2a26abb35ffb7e00c3ee6e05941
SHA512

d1cda4defa8279759a499123b53c5d3d8fced84dc36d30331a30934e029d5370d4833378fa492669cf6523d8ba58fa54dd61f9ad38649ebfb329518912f038f6
SSDEEP

192:Zj5ZV2NZKe8ChkXfV2D5wnU/ZghPSZkOrO7JXJlajghc0HRQmmEeGLHl:BZ2Ce8K4wv0lJlacxQDml

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
857f248e6a57efc76836ecc736f59237_JaffaCakes118
unpack001/out.upx

Files

857f248e6a57efc76836ecc736f59237_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ