8c97810b4f4c48f5001bf607fa6a072f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8c97810b4f4c48f5001bf607fa6a072f_JaffaCakes118
Size

108KB
MD5

8c97810b4f4c48f5001bf607fa6a072f
SHA1

bde6590a673bd67ef8d7c0b5a16bc0d8dd406310
SHA256

542600c0ba55ead5d2f342fb608f66abc5ffef49e95e06f1a751f8c7ee1bae32
SHA512

f938732728d0cf974d629fa7b57d3ea981a1390360dd41fa404137c92df44d7eb57fc68e70c3ee17736c44486f8b2fb36889efa2b3338a028560d7e8d6946a0c
SSDEEP

3072:3ojzQzOpQQ5r/BI/S1rwjccU7uvusN9y3MvaO5MzJhN:3ow65ScrwwcnWsNw33O521

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
8c97810b4f4c48f5001bf607fa6a072f_JaffaCakes118
unpack001/out.upx

Files

8c97810b4f4c48f5001bf607fa6a072f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 168KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 100KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ