abd88f1a7e137125ff68a7e719f7d455_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd88f1a7e137125ff68a7e719f7d455_JaffaCakes118
Size

124KB
MD5

abd88f1a7e137125ff68a7e719f7d455
SHA1

fa3abe7883a0b4d35b18730e5b4d9cd552f98835
SHA256

912647b47db1390204eaf6c07e90cc9c9c504ad293f7818f8dbe28c96529b4cd
SHA512

ec177946208a43f72ebc914c825d3ddde565f4917d314fdf141036049584efd8046b083b33af6478c92c0b99b220c8907cfc5ccbe97a19b5eaa686b952e580c5
SSDEEP

1536:XUhr5db+IxVXMo/xUsVlh+Z2TU/f7EA3uJR0u6CxDo80+X/LBh2yEi9oLl:XC7jxVXMAph+Z2Tcf73uJRjTjBh1EimR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
abd88f1a7e137125ff68a7e719f7d455_JaffaCakes118
unpack001/out.upx

Files

abd88f1a7e137125ff68a7e719f7d455_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ