ac69fdf7682b28fe7d720586202e61b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac69fdf7682b28fe7d720586202e61b0_JaffaCakes118
Size

32KB
MD5

ac69fdf7682b28fe7d720586202e61b0
SHA1

7868c0c7369b0f88eb580c60d54cd13169084160
SHA256

6377b9658d763f45fe865ad2018c0e2abfd1495cffa1321b60fd142fd427df1a
SHA512

aa8aad8fc7b3edb5ca2bd818915e0f87479be82d7a4b6a4c6cdaeed8f94f4ecf9b86e5c16d1d6fa622920f9c58cbfb85e3c2db1c3f17bf52369f49344c063c6a
SSDEEP

768:hxU+zxscPoXDgJB/keTREAvy/8Vf2ByFKBf:hxU+zxscPoYZTREAvzd2ByYBf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ac69fdf7682b28fe7d720586202e61b0_JaffaCakes118
unpack001/out.upx

Files

ac69fdf7682b28fe7d720586202e61b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ