abb2db54faf6e9ac17b5404bda08a371_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abb2db54faf6e9ac17b5404bda08a371_JaffaCakes118
Size

30KB
MD5

abb2db54faf6e9ac17b5404bda08a371
SHA1

ff99d4fa2c9d014aafc8fd95f723c77ce0081d4c
SHA256

564ab97715c3db79d16103e6bb32b3a516815b601daba8e1a2dbd2ef250b018d
SHA512

8f9cc377973374aa93ed0263d5eba145e283edda22d79853dccd1761be445d18c9cdfa1f062d29f7eace86f97089b951b72b3589da556301505a889721f17f63
SSDEEP

768:829xOGjLCnja+RRUu3amyMw9M3PLMLFSEqtX:39xPYjl/Uu1yBagBfq9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
abb2db54faf6e9ac17b5404bda08a371_JaffaCakes118
unpack001/out.upx

Files

abb2db54faf6e9ac17b5404bda08a371_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ