aed6b0ddfa95a9563cb0f2468fc30edc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aed6b0ddfa95a9563cb0f2468fc30edc_JaffaCakes118
Size

84KB
MD5

aed6b0ddfa95a9563cb0f2468fc30edc
SHA1

c0e37c0d62044b54179d78dd30a03620ff8440db
SHA256

992d92a88c815d9819675ec519a00c3262334f4e94add8d82778769795a4749e
SHA512

0acbd6c3d322fc0f10e3d8a86978cb0c922528d69cd6097079a6982bc26c7a6315d590462ed51dfcf36ce93f92f2b936c19fda5bee4fd1f893bf86e059fc307e
SSDEEP

1536:4StDEnwOmpsj47I2MPlEXwazLMnouy8+DDpycVv:FEnKss7IfiX9zLMout0DocJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aed6b0ddfa95a9563cb0f2468fc30edc_JaffaCakes118

Files

aed6b0ddfa95a9563cb0f2468fc30edc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc/0/GROUP_ICON/103
.rsrc/0/ICON/50.ico
.rsrc/0/ICON/51.ico
.rsrc/0/ICON/52.ico
.rsrc/0/ICON/53
.png
.rsrc/0/ICON/54.ico
.rsrc/0/ICON/55.ico
.rsrc/0/ICON/56.ico
.rsrc/1033/MANIFEST/1
.xml
.rsrc/1033/version.txt
.rsrc_1
UPX1