a64d7f9d1643a40a97241628fdffb921_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a64d7f9d1643a40a97241628fdffb921_JaffaCakes118
Size

123KB
MD5

a64d7f9d1643a40a97241628fdffb921
SHA1

2b5f516656ea3ee126606270747e77da190388d3
SHA256

751911f8331163fb0e3371ad74701ca19aa28c9e53bb29d18eadc9ab894d4725
SHA512

5190318fa923439e3ffed76c5b25ad5c1d2710f02e758f57083c757cd17f90bd6483dbafea6ddd3f91c0f4fcc0e1ae75b296168176da8ac59ad3244bb2278282
SSDEEP

3072:teSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLsnh+QbX:tVYrJrOSsRwcpc+E

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a64d7f9d1643a40a97241628fdffb921_JaffaCakes118

Files

a64d7f9d1643a40a97241628fdffb921_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

42vab535
Size: 62B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqvrztrg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ