ab5c29d4453f703c82f8bd7abca6c257_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab5c29d4453f703c82f8bd7abca6c257_JaffaCakes118
Size

30KB
MD5

ab5c29d4453f703c82f8bd7abca6c257
SHA1

41731843ba5241e214bbf4c51f2e1f4a60b5ce65
SHA256

1a9f3170205c83deca31c2d044cdb193107fe567a495bd6b05850aa5432bb03e
SHA512

12d37a257fbcec8a3bb667eef491b52f9f10d8a083bf98139cf81537374bcfcf63d0a1da1ae0f5770a99d0582bb537e431a4e1b6b513bee13f061ef1560a5b16
SSDEEP

768:/kFuCpduxVE3fnPtNHdjzc0IGEBsJ46Gb1nY4xh:/GuCwy3tNHd/c0IfsJ4LZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ab5c29d4453f703c82f8bd7abca6c257_JaffaCakes118

Files

ab5c29d4453f703c82f8bd7abca6c257_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.gpch
Size: 20KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.y0da
Size: 41B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FSG
Size: - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gpch
Size: 613B - Virtual size: 613B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE