85ae66056ab5348c5138da2881ac2ca1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85ae66056ab5348c5138da2881ac2ca1_JaffaCakes118
Size

85KB
MD5

85ae66056ab5348c5138da2881ac2ca1
SHA1

c258fb4846f4444d659af5bfb3e88d5fbf716399
SHA256

2ea5fe55b8d8cbb64fdc4adeaf48a1761cc794293dfeaba04a89dcaeb0b9b818
SHA512

a0dba5ad2725b1d7731d2de115c0787bdec15c8a97b359ff571f3f17f17a24366bf2644c7d2fc596094a5d3a30dbde0ab341c04a978d8c099a3bf9879055442c
SSDEEP

1536:ePR6J4oGVu4eOAjCVWTR/zhLhApVy3QWH3ja9MfcxHDppttab5Z18:N4nSO3WTpNLhApMgWTa9Mfcx3baVT8

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

85ae66056ab5348c5138da2881ac2ca1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

7b
Certificate

Issuer

CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado,OU=Tanusitvanykiadok,O=NetLock Halozatbiztonsagi Kft.,L=Budapest,C=HU,1.2.840.113549.1.9.1=#0c0f696e666f406e65746c6f636b2e6875

Not Before

30/03/2003, 01:47

Not After

15/12/2022, 01:47

Subject

CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado,OU=Tanusitvanykiadok,O=NetLock Halozatbiztonsagi Kft.,L=Budapest,C=HU,1.2.840.113549.1.9.1=#0c0f696e666f406e65746c6f636b2e6875

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:ef
Certificate

Issuer

CN=NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado,OU=Tanusitvanykiadok,O=NetLock Halozatbiztonsagi Kft.,L=Budapest,C=HU,1.2.840.113549.1.9.1=#0c0f696e666f406e65746c6f636b2e6875

Not Before

28/05/2009, 14:57

Not After

28/05/2010, 14:57

Subject

CN=Adó- és Pénzügyi Ellenőrzési Hivatal (*),O=Adó- és Pénzügyi Ellenőrzési Hivatal,L=Budapest,C=HU,1.2.840.113549.1.9.1=#0c157765626d617374657240617065682e676f762e6875

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment

8a:ca:d7:56:5f:ca:85:6b:5c:eb:98:ee:00:6b:1c:4f:11:3d:b6:4a
Signer

Actual PE Digest

8a:ca:d7:56:5f:ca:85:6b:5c:eb:98:ee:00:6b:1c:4f:11:3d:b6:4a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

7bCertificate

Key Usages

0d:efCertificate

Extended Key Usages

Key Usages

8a:ca:d7:56:5f:ca:85:6b:5c:eb:98:ee:00:6b:1c:4f:11:3d:b6:4aSigner

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 88KB

UPX1 Size: 43KB - Virtual size: 44KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 72KB - Virtual size: 76KB

.data Size: 2KB - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

7b
Certificate

0d:ef
Certificate

8a:ca:d7:56:5f:ca:85:6b:5c:eb:98:ee:00:6b:1c:4f:11:3d:b6:4a
Signer

UPX0
Size: - Virtual size: 88KB

UPX1
Size: 43KB - Virtual size: 44KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 72KB - Virtual size: 76KB

.data
Size: 2KB - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB