8ae5ba51388fefebc7165b7d16ddbf84_JaffaCakes118

General

Target

8ae5ba51388fefebc7165b7d16ddbf84_JaffaCakes118
Size

653KB
MD5

8ae5ba51388fefebc7165b7d16ddbf84
SHA1

83fcd65fcfc8aa070a03b6460879bba45fbb1da4
SHA256

4ce8a49cf77a5f4c747f74251a00eead590947a0924fa78feb2a2e9f1af6eaf1
SHA512

367511382eabbb33d92902d007f958a43cef8aca6d671bef1345cd319e55344aa6084a76ecebce8cba3349563d38d8d0737bec2696a989f75fb42a2da5967701
SSDEEP

12288:uDJiVeP1ypuriwCE45FsQ5nhTjDFxfjNX4ycje4NRJZlDgVBBI4qQW2syuxpm:Jodku3q5nxPFxTiRJZlM2cVuXm

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8ae5ba51388fefebc7165b7d16ddbf84_JaffaCakes118
unpack001/out.upx

Files

8ae5ba51388fefebc7165b7d16ddbf84_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 646KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 746KB - Virtual size: 746KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 646KB - Virtual size: 648KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.itext Size: 5KB - Virtual size: 4KB

.data Size: 27KB - Virtual size: 27KB

.bss Size: - Virtual size: 23KB

.idata Size: 13KB - Virtual size: 13KB

.tls Size: - Virtual size: 64B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 88KB - Virtual size: 87KB

.rsrc Size: 746KB - Virtual size: 746KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 646KB - Virtual size: 648KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.itext
Size: 5KB - Virtual size: 4KB

.data
Size: 27KB - Virtual size: 27KB

.bss
Size: - Virtual size: 23KB

.idata
Size: 13KB - Virtual size: 13KB

.tls
Size: - Virtual size: 64B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 88KB - Virtual size: 87KB

.rsrc
Size: 746KB - Virtual size: 746KB