970872bb62555885855de92f834da10c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

970872bb62555885855de92f834da10c_JaffaCakes118
Size

122KB
MD5

970872bb62555885855de92f834da10c
SHA1

3533c1c71128a0471ec63b9ea1877dc9bbeca71b
SHA256

d6f45e4a7648ed2d033ee83a72793081fe577b5db6292b8a66a050c08036f456
SHA512

e4adc1ee6b694e1c3571be4e02f2e141bf86d274bc358c75c7b51c1d7bae7dff35a8bb92731217ac629444c94a1675401b2c4c7a88ed7798eaec4a899510b40a
SSDEEP

3072:BN+tPZVBB4drBdbyG8clspoe7xm5Z5q3dXnRlmn0Vqh3ap:7mTB2dN8c2pBm5Qlzu0Vqh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
970872bb62555885855de92f834da10c_JaffaCakes118
unpack001/out.upx

Files

970872bb62555885855de92f834da10c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ