8ef9de4150ad1b80ea0c2a850571f3f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ef9de4150ad1b80ea0c2a850571f3f7_JaffaCakes118
Size

48KB
MD5

8ef9de4150ad1b80ea0c2a850571f3f7
SHA1

c6b1b5ad1f94beb4df5ec2c4839fd56d949a5e04
SHA256

f03e79c58781930ef34d7b9fcdb930e88186859c8b665cfb1d510612c2a33591
SHA512

59ae5b04fbed8dfd73efbccf107799820e4789d2db0df94ca9bc0eb95642782e20c5fcf8dd89643eb4b77170a607af65131953e8adec9575f2680e55e5243519
SSDEEP

768:QLyR7305rjTovYV2t/+0fbiMUA2AMcuzmeSKLmXAoH1EPhWd8jmp:Cyh36rYLt/+QbicPMy8mLykl

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef9de4150ad1b80ea0c2a850571f3f7_JaffaCakes118

Files

8ef9de4150ad1b80ea0c2a850571f3f7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ