af040a85b2e3ad3b4461ec22ea313898_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af040a85b2e3ad3b4461ec22ea313898_JaffaCakes118
Size

111KB
MD5

af040a85b2e3ad3b4461ec22ea313898
SHA1

10bb1617d87472cc740adf1f58dfe016f7f8664b
SHA256

48e15eb3b3b97c1f02dd565b8478d05672d58810711bea0895be8c3ba26bcda1
SHA512

66b438a5bc82963e82266624d24e21c405afd936d8bc45a02292e5c5ba8c8325ff209ab72258c7b20e83022c39cbcc96877167df1ed635a97ae9d9ca70dfc4e7
SSDEEP

3072:lyfzZPgoRBaMWFOVsbKmA6dkPNXQ4xw5e:u1BaMWFR5A6OQN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
af040a85b2e3ad3b4461ec22ea313898_JaffaCakes118
unpack001/out.upx

Files

af040a85b2e3ad3b4461ec22ea313898_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ