898e1ce262af74f351aaf694e40c969b_JaffaCakes118

General

Target

898e1ce262af74f351aaf694e40c969b_JaffaCakes118
Size

249KB
MD5

898e1ce262af74f351aaf694e40c969b
SHA1

f9d276a49e1616b91e7e8150a9d713b0055844f6
SHA256

57847cf08c50b371d93804f497514388bb4621dae8b76d03243116e8cbd797a2
SHA512

3ae0779c032895ee3b2b908ecafc8d633e2ead5d9586b7dcbca9ff61293ab08a6d5ec87d3839acde6d61312e51145f6b4b620c76eb47608aa96196f6e9e162c5
SSDEEP

6144:3ShmaK3SX+3b87B9vAlzI7l+NX85WL9IVC7X:2m9SXCcB9vXJ6zL9IVC7X

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
898e1ce262af74f351aaf694e40c969b_JaffaCakes118
unpack001/out.upx

Files

898e1ce262af74f351aaf694e40c969b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 328KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 241KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 328KB

UPX1 Size: 241KB - Virtual size: 244KB

.rsrc Size: 7KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 306KB - Virtual size: 305KB

.rdata Size: 100KB - Virtual size: 99KB

.data Size: 14KB - Virtual size: 24KB

.rsrc Size: 89KB - Virtual size: 88KB

.reloc Size: 30KB - Virtual size: 29KB

UPX0
Size: - Virtual size: 328KB

UPX1
Size: 241KB - Virtual size: 244KB

.rsrc
Size: 7KB - Virtual size: 8KB

.text
Size: 306KB - Virtual size: 305KB

.rdata
Size: 100KB - Virtual size: 99KB

.data
Size: 14KB - Virtual size: 24KB

.rsrc
Size: 89KB - Virtual size: 88KB

.reloc
Size: 30KB - Virtual size: 29KB