940f4f25c0d109cf43ced653b9374001_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

940f4f25c0d109cf43ced653b9374001_JaffaCakes118
Size

65KB
MD5

940f4f25c0d109cf43ced653b9374001
SHA1

8ab30836ccf9eceb3f2c868ca6f79e8ec472082c
SHA256

d5d61f3bc9dee5785b6d9967a905176543c278be685c49be8c4bea38850266c2
SHA512

9d6e575a4ae8293e4b32791ba2f1422792bdc81555fda3b6d35d4b7141dd4e7c33b7378f7360dd41438a06841e2068ffc9d51e0e25ded5c1d0a314e9fef6d555
SSDEEP

1536:3lG1bNlw+z1Z4IiCGKhF07Mlfvr3Jv9TRVpamyW3EJSLdV:3lgb8k1QhKhFoMlfvr3vpESdV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
940f4f25c0d109cf43ced653b9374001_JaffaCakes118
unpack001/out.upx

Files

940f4f25c0d109cf43ced653b9374001_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ