a45ed6bbe4cbebb3b33b7cd65e2c0627_JaffaCakes118 | Triage

Sharing

General

Target

a45ed6bbe4cbebb3b33b7cd65e2c0627_JaffaCakes118
Size

547KB
MD5

a45ed6bbe4cbebb3b33b7cd65e2c0627
SHA1

529a3f954f06b71b543805b1b34e9b263fb4d716
SHA256

cf891126541c13d6673640b2859c9d6a93cf22b84799fe1943256c54ba372427
SHA512

6a376f606ccf187d7738a667bf2051f88f24bbd7c743c8f0a1b95a79a8b194a0f7da1509183366bb098e432750835ee99b45aaa87dd1f993ad3fdf039fcdfe75
SSDEEP

12288:fvarP3BJSUjIG0vFymzp+QU7h8X+BpqsifmRR0IsRr8aZdoVx/E:fyrPx0UE+EU7hzGmRRG18aZdoVC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a45ed6bbe4cbebb3b33b7cd65e2c0627_JaffaCakes118

Files

a45ed6bbe4cbebb3b33b7cd65e2c0627_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 609KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.payload
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_MEM_DISCARDABLE

.opcandy
Size: 293KB - Virtual size: 296KB

IMAGE_SCN_MEM_DISCARDABLE

.bunndle
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_MEM_DISCARDABLE