963082f66fb1a3cbb07053cc8503af4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

963082f66fb1a3cbb07053cc8503af4e_JaffaCakes118
Size

66KB
MD5

963082f66fb1a3cbb07053cc8503af4e
SHA1

f1c86e29b74dfb3193baa2540efcbad739540ef6
SHA256

9739e5241217a4dbe900361736b1ee8dd74599e343fa42f8546a154de5730ee9
SHA512

4021b271808e281b676aa2d96dfb1fcf50df34fd23080fadd5164ac39557006fecb42e9ee3c7ac0d4cb0d86ef63449ffa2deb9fd329f7e5f2e5ca8cfe4925207
SSDEEP

1536:2Uj7f3GumZ+WIiU14BI3QTYWgaqKSlGXt6P8MSM5baNU3jDP42+Iutg7:jjyuK+WIi0wvlqpGXoPvAmTDL08

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Keygen/[keygen].exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen/[keygen].exe
unpack002/out.upx

Files

963082f66fb1a3cbb07053cc8503af4e_JaffaCakes118
.zip
Keygen/[keygen].exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ