a4ce8a8cee21cecad203116e3fb34459_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ce8a8cee21cecad203116e3fb34459_JaffaCakes118
Size

198KB
MD5

a4ce8a8cee21cecad203116e3fb34459
SHA1

6b52a6effdc685c74bddb7c619d838ad309357b9
SHA256

856fdbc4a56d0e843ac6750e3fb3fef545dca0dc38c305145648fe71a1ba3fe5
SHA512

18a63a739d8d058a242bb1569320eea04131a0dd8a93564cc0356c6cfa706d7b949f60fd622250117e6044695c57e52211701c50eaddf51ac7d24485b399fc0b
SSDEEP

3072:8OPViFmkrAYttuToKNiWZrjZLmXX3hyFB05L0N4jwbH3Qjnfvx0HSfzw1rWkL:X/krv2uq3B05oWi3QjnRISfzw1r7L

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a4ce8a8cee21cecad203116e3fb34459_JaffaCakes118
unpack001/out.upx

Files

a4ce8a8cee21cecad203116e3fb34459_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 190KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ