96430dcfd4f604824142927a09e3e12c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

96430dcfd4f604824142927a09e3e12c_JaffaCakes118
Size

475KB
MD5

96430dcfd4f604824142927a09e3e12c
SHA1

4fb2d99bcb50f6b5a3df84a1c13cce89cfd8bfd5
SHA256

a7dc36897e3ddff8e4e7d0edcb4925ff4a2020e9e8afd283b7dee774975f8b18
SHA512

9d20d6b7b09eb5362e661b3b4cdc85deca8548d27b60a3906a7ee0940117c1e88b9db89395dac8eb73e0fe8a68bd58f87b52ba8e2a06b9e793f134fc5249ec2c
SSDEEP

12288:/piXveYcpv/cTLhKCAuZoN5h5pX3bpbRel//tz1IK:KvenpHcTL6uON35pXrx2ntz1I

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/out.upx

Files

96430dcfd4f604824142927a09e3e12c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Code Sign

4a:fd:51:17:1b:2e:c8
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

19-05-2011 14:48

Not After

18-05-2012 15:55

Subject

CN=SMS TELECOM LLC,O=SMS TELECOM LLC,L=WILMINGTON,ST=DE,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

29-06-2004 17:06

Not After

29-06-2034 17:06

Subject

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16-11-2006 01:54

Not After

16-11-2026 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 458KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 613KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 944KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

4a:fd:51:17:1b:2e:c8Certificate

Extended Key Usages

Key Usages

Certificate

03:01Certificate

Key Usages

Signer

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.2MB

UPX1 Size: 458KB - Virtual size: 460KB

.rsrc Size: 12KB - Virtual size: 12KB

Headers

File Characteristics

Sections

.text Size: 613KB - Virtual size: 612KB

.itext Size: 3KB - Virtual size: 2KB

.data Size: 23KB - Virtual size: 23KB

.bss Size: - Virtual size: 21KB

.idata Size: 12KB - Virtual size: 12KB

.tls Size: - Virtual size: 60B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 42KB - Virtual size: 42KB

.rsrc Size: 944KB - Virtual size: 944KB

4a:fd:51:17:1b:2e:c8
Certificate

03:01
Certificate

UPX0
Size: - Virtual size: 1.2MB

UPX1
Size: 458KB - Virtual size: 460KB

.rsrc
Size: 12KB - Virtual size: 12KB

.text
Size: 613KB - Virtual size: 612KB

.itext
Size: 3KB - Virtual size: 2KB

.data
Size: 23KB - Virtual size: 23KB

.bss
Size: - Virtual size: 21KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 60B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 944KB - Virtual size: 944KB