a9936b0544b3e7afd28f934ad75c89ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9936b0544b3e7afd28f934ad75c89ec_JaffaCakes118
Size

124KB
MD5

a9936b0544b3e7afd28f934ad75c89ec
SHA1

555b2044467c509f2a191a7e9fb17a9e0361ee96
SHA256

e31d29a86129e5d2665dc4a5169d2d7475a606ee901ea9808cd729a16691a2e8
SHA512

f6a5530cd2552607dc050ca725b52654f2c06799bf3fecf33c6fa4ed1f65ebd3c4819e292fd40c6345ba8bf9f2b2a95e240a0412fcb03ebb1efe1cf8764f8205
SSDEEP

3072:NeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLs079:NVYrJrOSsRwcp5x

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9936b0544b3e7afd28f934ad75c89ec_JaffaCakes118

Files

a9936b0544b3e7afd28f934ad75c89ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

42vab535
Size: 62B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqvrztrg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ