a135c5297a59e0b7897967d0c98b1966_JaffaCakes118

General

Target

a135c5297a59e0b7897967d0c98b1966_JaffaCakes118
Size

266KB
MD5

a135c5297a59e0b7897967d0c98b1966
SHA1

9dae06f58046d6c9c79fa8624bed47a0b00fcae4
SHA256

cf41db457df6ca4887bc595d6d121bceb75c2cb69cd231bbc09798ad817c5b8e
SHA512

0f9815df71342cacb29920d4fcf8c54bc5a41d0b66b2efb66a3dd6fa552551070ad62cc9bbe6e16c7a5e6cb6c399cc4b22fe5fb6628518ede7efe1eab91c2af0
SSDEEP

6144:bjIeT/WMUKjtFY32lED0W79nU8bLoXEfyYpT:bbXjtF7Wpn1oUfyyT

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a135c5297a59e0b7897967d0c98b1966_JaffaCakes118
unpack001/out.upx

Files

a135c5297a59e0b7897967d0c98b1966_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 261KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 220KB

UPX1 Size: 261KB - Virtual size: 264KB

.rsrc Size: 4KB - Virtual size: 8KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 122KB - Virtual size: 121KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

BSS Size: - Virtual size: 6KB

BSS Size: - Virtual size: 3KB

.data Size: 154KB - Virtual size: 310KB

.rsrc Size: 15KB - Virtual size: 1.3MB

UPX0
Size: - Virtual size: 220KB

UPX1
Size: 261KB - Virtual size: 264KB

.rsrc
Size: 4KB - Virtual size: 8KB

.text
Size: 122KB - Virtual size: 121KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 6KB

BSS
Size: - Virtual size: 3KB

.data
Size: 154KB - Virtual size: 310KB

.rsrc
Size: 15KB - Virtual size: 1.3MB