8ae5d3b66ccab372d80e7ec6b73f8f69_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ae5d3b66ccab372d80e7ec6b73f8f69_JaffaCakes118
Size

301KB
MD5

8ae5d3b66ccab372d80e7ec6b73f8f69
SHA1

a8f145e7f72976a8e13fe110e0a9a04de0472e80
SHA256

21f67da58adab17d61dfa3f57877282503bd8c7cb20fc91e6bbe77ca9f7c4eae
SHA512

d6001bbcee38216565a8eae3bedf87c8bc40c250a5628e0d04806d609a2508ec4bff5955a29e6f279fd6c7efb0c5843ff2eab33228a01fe442a1fb885e65fd18
SSDEEP

3072:Xjr87S7Gnz55EoE2gcZA5WSEnUXU1/6GQOa0PZGTsPkyJ2nYHLALxKYaFCpGN9XV:sZl2tdcZA5aJ0GA0c8HRALvWH5tQRu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ae5d3b66ccab372d80e7ec6b73f8f69_JaffaCakes118

Files

8ae5d3b66ccab372d80e7ec6b73f8f69_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 51KB - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE