b10aae7cb69179dc7a9a0ec1d1df20eb_JaffaCakes118

General

Target

b10aae7cb69179dc7a9a0ec1d1df20eb_JaffaCakes118
Size

197KB
MD5

b10aae7cb69179dc7a9a0ec1d1df20eb
SHA1

d1dd4617f9a00ee114ed0cefdb5871d2126f87ed
SHA256

a1906b62ebaf0a9553c1e5a817c6c8ce6f89ce2aedff74d6ded98cbbdb3b76e6
SHA512

ccdeebebae5291e9c98aa0296f52a3a2c47723dc4d55fe80cd683c86db0495d99f7d529c72d9f500695ba3075c9d42c3db578830e9860d00457aaf42f5652a77
SSDEEP

3072:S3dNJr1nRUbwYpQot90DboAUuVx/jx+6YuOPeNEjEh5ZZrdRPln2c+w2SFAytOIK:StFnybBpQ0Y8Y+FuOmGshdJln2fmFtU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b10aae7cb69179dc7a9a0ec1d1df20eb_JaffaCakes118
unpack001/out.upx

Files

b10aae7cb69179dc7a9a0ec1d1df20eb_JaffaCakes118
.exe windows:8 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 194KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:8 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 546B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.arch
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.arch
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 76KB

UPX1 Size: 194KB - Virtual size: 196KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 1024B - Virtual size: 546B

.arch Size: 3KB - Virtual size: 2KB

.data Size: 81KB - Virtual size: 81KB

.arch Size: 1KB - Virtual size: 1KB

.tls Size: 4KB - Virtual size: 4KB

.tls Size: 3KB - Virtual size: 2KB

.rsrc Size: 14KB - Virtual size: 13KB

.reloc Size: 4KB - Virtual size: 4KB

UPX0
Size: - Virtual size: 76KB

UPX1
Size: 194KB - Virtual size: 196KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 1024B - Virtual size: 546B

.arch
Size: 3KB - Virtual size: 2KB

.data
Size: 81KB - Virtual size: 81KB

.arch
Size: 1KB - Virtual size: 1KB

.tls
Size: 4KB - Virtual size: 4KB

.tls
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 14KB - Virtual size: 13KB

.reloc
Size: 4KB - Virtual size: 4KB