b12404fbaf6f22928207c3b67e6c30ab_JaffaCakes118

General

Target

b12404fbaf6f22928207c3b67e6c30ab_JaffaCakes118
Size

367KB
MD5

b12404fbaf6f22928207c3b67e6c30ab
SHA1

cdb540f11d248020b7f0783b6eab0465306375c6
SHA256

bac997da94da49dcf7d2061c0f5152899650250ef8ca748d959b41b353ae3799
SHA512

498b0ff5e9a82964b7117e71829f8fcc2b6ebfeba6bb7755f9158bb77f98b65e3f78ecc4988f12f3dd7603419f1b956089be0316edb2c5637ebb92acffa0e81a
SSDEEP

6144:/xUF5PpnSWl2qDW2NCyz2wa6JEJLVvtiYI+0NNNTvOf+qnf:WfdSWNHNCy5FenRI+0NL2H

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b12404fbaf6f22928207c3b67e6c30ab_JaffaCakes118

Files

b12404fbaf6f22928207c3b67e6c30ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RPCrypt
Size: 461B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DexCrypt
Size: 60B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RPCrypt
Size: 631B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DexCrypt
Size: 96B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DexCrypt
Size: 114B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DexCrypt
Size: 132B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��w��
Size: 150B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 208KB

UPX1 Size: 283KB - Virtual size: 284KB

.rsrc Size: 79KB - Virtual size: 80KB

.RPCrypt Size: 461B - Virtual size: 4KB

DexCrypt Size: 60B - Virtual size: 4KB

.RPCrypt Size: 631B - Virtual size: 4KB

DexCrypt Size: 96B - Virtual size: 4KB

DexCrypt Size: 114B - Virtual size: 4KB

DexCrypt Size: 132B - Virtual size: 4KB

���w�� Size: 150B - Virtual size: 4KB

UPX0
Size: - Virtual size: 208KB

UPX1
Size: 283KB - Virtual size: 284KB

.rsrc
Size: 79KB - Virtual size: 80KB

.RPCrypt
Size: 461B - Virtual size: 4KB

DexCrypt
Size: 60B - Virtual size: 4KB

.RPCrypt
Size: 631B - Virtual size: 4KB

DexCrypt
Size: 96B - Virtual size: 4KB

DexCrypt
Size: 114B - Virtual size: 4KB

DexCrypt
Size: 132B - Virtual size: 4KB

��w��
Size: 150B - Virtual size: 4KB