85bda82f753861c512a461b2aaa5c9ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85bda82f753861c512a461b2aaa5c9ec_JaffaCakes118
Size

274KB
MD5

85bda82f753861c512a461b2aaa5c9ec
SHA1

72d8a8b077ed3d77fdf8faab6097b30579f1f239
SHA256

a0f25ae0349e9244baccf3092ec943a44ad4bc1cd4617638eba8a0cb54280e7a
SHA512

36cddf42b69a7a03b6d8d29700ff31bb519fee8633898eaa5eb7e3702831fee0698d1b43331e1389e5017209195eaa339fe88997be88a0fb26b4564130e93d1e
SSDEEP

6144:KgTDHH/V0W78dlFFNM+MWhvZa3M7TTs7tKtLCMB4U1WoOcxwDe3cwf:hDHH/eE8dzFUSI3mKtKZCMIf839f

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85bda82f753861c512a461b2aaa5c9ec_JaffaCakes118

Files

85bda82f753861c512a461b2aaa5c9ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateMainProc
CreateProtectProc
DllCanUnloadNow
DllGetClassObject
Setup
SysLogoff
SysLogon

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ