8b7932c146f1ef42a94766d165177236_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b7932c146f1ef42a94766d165177236_JaffaCakes118
Size

593KB
MD5

8b7932c146f1ef42a94766d165177236
SHA1

5c670b60cc2668497cdc42b36414b072d75bda91
SHA256

d31d0ded358288169487e86c194fdce9f2bf5cca0c232a0f836dbab984f462bf
SHA512

4d20374907ba8881580a9b0134a8318c75709d932bc7af255f3cf62cf699ca068c23bb4ac648d7d85ec03550d53762b21ffc2ac8c551f5ef4b36acf3c5a6dcd4
SSDEEP

6144:KfslG3WR16RyH8RFGgLlUMBRtAuk4rBfL1RCaSC0eWVOcK:8slr1Yy8RFGgLqMBRtAuz1R3/WvK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b7932c146f1ef42a94766d165177236_JaffaCakes118

Files

8b7932c146f1ef42a94766d165177236_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 153KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrr
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE