a9a35548f682f1b415f75f8b08dd2240_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9a35548f682f1b415f75f8b08dd2240_JaffaCakes118
Size

107KB
MD5

a9a35548f682f1b415f75f8b08dd2240
SHA1

509fa7f71532a1259840abdfc40bac7e78076650
SHA256

5f34e126a08eb70460611835e9e0497714a4620fd35f77793a8d075c1205bf71
SHA512

1bf524f113df7eefba087cdaa57ef87936b2d2c0e7756cb5698a937476e1eca4e1db6ddbe261b1a440742e9168dc991dbf04142606b7829b579611ec65ad6171
SSDEEP

1536:TJKRZ6wdTkN4/1FEVkEySmFVakKxLmiQS2KkOcU:TSZ6CkuUVuSmKkKxLmvStkOcU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9a35548f682f1b415f75f8b08dd2240_JaffaCakes118

Files

a9a35548f682f1b415f75f8b08dd2240_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ap0x
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE