a81f171633cb3cb1fb9b787631e20afd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a81f171633cb3cb1fb9b787631e20afd_JaffaCakes118
Size

8KB
MD5

a81f171633cb3cb1fb9b787631e20afd
SHA1

ad134d508a38d6cd94763a3c35837f0dfcd947dc
SHA256

99633ec2bd5412454e6b418be9c5c5e4c4b0279fe5b46462c9c20a829b3baf36
SHA512

557c7518ee893b96f79d045ef1bdebd2c3e68b584e3b5ceef42d988a67883486a0299b1eaf7f06ee0a149ceaeb40bd8fb8b7c101fc7a1fd40fb883d7aff82f09
SSDEEP

192:gV5ibNz3wMfE/lLAwTw1qeuIVC/3Xpq7M2B:gmDwMUAwTw1m/ngQ2B

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
a81f171633cb3cb1fb9b787631e20afd_JaffaCakes118
unpack001/out.upx

Files

a81f171633cb3cb1fb9b787631e20afd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ