94c94a0fc71e22801bf4dc8dace83dab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94c94a0fc71e22801bf4dc8dace83dab_JaffaCakes118
Size

40KB
MD5

94c94a0fc71e22801bf4dc8dace83dab
SHA1

3b95e50f401f6ad5939158cb0e6e30c0edb546ed
SHA256

63bcc4b6af14da7f19b48b598052ccd045e7358130451e3f75867d23a6376f00
SHA512

d6e1ad598ae6bcb4f2a610b822108859924a9f342c78eeaa56f2f642536902e3296aca71ecbe1391139e67400609451af45bd4322e8c5441c71568955abcfe08
SSDEEP

768:teEH4tVGiOHmUv7Mu4in7J6JSKEmQTWj1totzxMMizVBP3DAfiDh6g+uRhKZ:teSi6Tb4iJmnAZxM/7Ay6o2Z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
94c94a0fc71e22801bf4dc8dace83dab_JaffaCakes118
unpack001/out.upx

Files

94c94a0fc71e22801bf4dc8dace83dab_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 538B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imports
Size: 810B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

relocs
Size: 330B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

resource
Size: 520B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ