a66b7dfdeb88347e19441bacf831e1c2_JaffaCakes118

General

Target

a66b7dfdeb88347e19441bacf831e1c2_JaffaCakes118
Size

184KB
MD5

a66b7dfdeb88347e19441bacf831e1c2
SHA1

57b12b72294770aecef44ba571c5bd6b337ba160
SHA256

0638ee437f39c72bac678631b073d15ab94ab32ae86e8f373b4f06bbcbfd6ce0
SHA512

6a10eb622d10a9318561262addb51421c12d835fd254006665544af9bf2e1666f311e08181fd3cb08e080a874894a48966e8945bef7e5a2b2903b6b4f0ef3a99
SSDEEP

3072:jl63wcx0WFqWHLBpbGSzTxvSQXLojnKhXnOcA1b8uva/mT4IsrOxWUS/ADe:jlMwcx5qWH9pKSzNSQX2nXceWQWr+KoK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a66b7dfdeb88347e19441bacf831e1c2_JaffaCakes118
unpack001/out.upx

Files

a66b7dfdeb88347e19441bacf831e1c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_UP_SYSTEM_ONLY

Sections

m��j
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�C"�q׍
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

U�O!�jr�
Size: 512B - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

' �l}X�
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

��)�X
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�`yԾ��
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 40KB

UPX1 Size: 181KB - Virtual size: 184KB

.rsrc Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

m��j Size: - Virtual size: 2KB

�C"�q׍ Size: 158KB - Virtual size: 157KB

U�O!�jr� Size: 512B - Virtual size: 3KB

' �l}X� Size: 7KB - Virtual size: 7KB

����)�X Size: 32KB - Virtual size: 31KB

�`yԾ�� Size: 1024B - Virtual size: 832B

UPX0
Size: - Virtual size: 40KB

UPX1
Size: 181KB - Virtual size: 184KB

.rsrc
Size: 1KB - Virtual size: 4KB

m��j
Size: - Virtual size: 2KB

�C"�q׍
Size: 158KB - Virtual size: 157KB

U�O!�jr�
Size: 512B - Virtual size: 3KB

' �l}X�
Size: 7KB - Virtual size: 7KB

��)�X
Size: 32KB - Virtual size: 31KB

�`yԾ��
Size: 1024B - Virtual size: 832B