a3bf2b26977da634f67fb8ed969ecbc7_JaffaCakes118 | Triage

Sharing

General

Target

a3bf2b26977da634f67fb8ed969ecbc7_JaffaCakes118
Size

90KB
MD5

a3bf2b26977da634f67fb8ed969ecbc7
SHA1

e062a48d82c6e66ca8f796c74fa7451a78672a55
SHA256

ba8d2b4f97b5e67aea0fd65d67dec252459960fa808b22b20b7f41eaa6152bd3
SHA512

9c5e21fde5d46ed029bc2a0b3ec307b81c8f9ee9173be94d0b7b93288b14e458a623815ee5444b4fc77b8b960b0cc6ef76abb121a636d848a243d3df9b636fcd
SSDEEP

1536:VGHIvbU5MaGcEvpsDPTSEKx86G4B6CgllABp5oeCd3MM5m2fZ/avMMQ:VGHkUOcEhsDPTXKGiI5LAv5LM5m2OMMQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a3bf2b26977da634f67fb8ed969ecbc7_JaffaCakes118
unpack001/out.upx

Files

a3bf2b26977da634f67fb8ed969ecbc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 244KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ