ac32258e6740c4d9be906fed3f7e9b1d_JaffaCakes118

General

Target

ac32258e6740c4d9be906fed3f7e9b1d_JaffaCakes118
Size

578KB
MD5

ac32258e6740c4d9be906fed3f7e9b1d
SHA1

49471fe2babb2ac530001ba2739eaf5dc96d06be
SHA256

9b0786092bde6da60edad89d6213abc480f95b3f76b03ea9fd94cb239f280f97
SHA512

a7a4d6f182899f2fb5c9952419a6125aa93976f0c534ca2b82100aa47c6fb833f11ac8ad4d5b41ea7cf466f186d50f3d0e5bf9ebee1c0e38e25f9886a61f638c
SSDEEP

12288:dtaWHU6JaP1/S67ouc41eG6HdnY3lOA5c:dn06Ja9z8dn2l

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ac32258e6740c4d9be906fed3f7e9b1d_JaffaCakes118
unpack001/out.upx

Files

ac32258e6740c4d9be906fed3f7e9b1d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 471KB - Virtual size: 472KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

DATA
Size: 9.2MB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 9.2MB

UPX1 Size: 471KB - Virtual size: 472KB

.rsrc Size: 105KB - Virtual size: 108KB

Headers

File Characteristics

Sections

DATA Size: 9.2MB - Virtual size: 9.2MB

CODE Size: 339KB - Virtual size: 339KB

BSS Size: - Virtual size: 3KB

.idata Size: 8KB - Virtual size: 7KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.rsrc Size: 105KB - Virtual size: 108KB

UPX0
Size: - Virtual size: 9.2MB

UPX1
Size: 471KB - Virtual size: 472KB

.rsrc
Size: 105KB - Virtual size: 108KB

DATA
Size: 9.2MB - Virtual size: 9.2MB

CODE
Size: 339KB - Virtual size: 339KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 7KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 105KB - Virtual size: 108KB