8ba1547691220a5fe4251b68ff8d4423_JaffaCakes118 | Triage

Sharing

General

Target

8ba1547691220a5fe4251b68ff8d4423_JaffaCakes118
Size

1.2MB
MD5

8ba1547691220a5fe4251b68ff8d4423
SHA1

9b161dc15e67bbdf3741fcee4eabfe4e308434e4
SHA256

d0ebd3fe1b55ef9c84923d11a25339e16ebfdfd0fdcec9ae44431b8314d293e5
SHA512

3dd2654bd79f3305990170b8d9372cee62bf289ace35c08446c3bcfb868ef96a2abc3525fc4639a8b7179336b1b0a2c914bb5f13e6ef63719c571a4e39cee781
SSDEEP

24576:APNoNi76cUHBjmUT+UfNQp2MAs5YkDTkTgWpWSoBMXHymW9DhF+OU4bbp1E2:AloEOfluV5VmPppouXyFphF+OU4b3z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8ba1547691220a5fe4251b68ff8d4423_JaffaCakes118
unpack001/out.upx

Files

8ba1547691220a5fe4251b68ff8d4423_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 96KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ