General
-
Target
ab14803c7f59c9e17b97f735b2fdd9e0_JaffaCakes118
-
Size
163KB
-
MD5
ab14803c7f59c9e17b97f735b2fdd9e0
-
SHA1
a855fbfc5ee355236dfc0cca018dd6805be5dc9a
-
SHA256
16b6ced189ca12771123a03a7b4c0a9876682f97279e0f2918d5a2df85be5592
-
SHA512
f00fc9acd119f1bf74b12b98c385141e8b5140164fc284e4469b53df6f4a210c19c89aca286adc57568467c7f2928ef5c52e7187474127c8108c82a9a73ba0b2
-
SSDEEP
3072:O1kIaBBH7BO3XY22nrOWMWKlaZsP6ASE3M+3OuUUE0c7ScyVp/tS:O1k5A42O+WKlaZsP/zWUE0c7AV
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource ab14803c7f59c9e17b97f735b2fdd9e0_JaffaCakes118 unpack001/out.upx
Files
-
ab14803c7f59c9e17b97f735b2fdd9e0_JaffaCakes118.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 158KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 120KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ