adaace4160075f3a401166bb774567c2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

adaace4160075f3a401166bb774567c2_JaffaCakes118
Size

118KB
MD5

adaace4160075f3a401166bb774567c2
SHA1

090ee24709adecc0711d213574210cf2557066df
SHA256

8f1b448966819b79d9c9d8e5d2085a4b5c0797a949d10cd6d4a307e20a285ac0
SHA512

671a993aefb50652226ec0ffc6232f6c817f69dbc3af4a36b751c9331f05fb7310f9102ba66679b76b2d1935f62ec17e565820bde0f56975ff20c7eb56d7e203
SSDEEP

3072:CPTZPU9Ae3bn7lfPvMP+IKRp7CdaKH6gQMiiqE:kTZPU6kb7l3vMKz7yBavpc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
adaace4160075f3a401166bb774567c2_JaffaCakes118

Files

adaace4160075f3a401166bb774567c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
go
setvm

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ