afc187cd9da869a35c406e07892758c8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afc187cd9da869a35c406e07892758c8_JaffaCakes118
Size

955KB
MD5

afc187cd9da869a35c406e07892758c8
SHA1

45d981f918ac1427e2f4e0ac8c0ff4ce644adecd
SHA256

3234420405f6a1063a0815f90c51a9d1f326e6df2334adb2a4edfe78f8d99c3e
SHA512

f24a109dac404570b83ea7826b5dbb38d50e4549ba42a65fecb09fecd5945fd42cb931285f8d4877d33046895261a47990f583d1c6bc258ff67601787c53a179
SSDEEP

12288:ophzcoCUyZtwAvAs4wTCyrPT0yq0VezaOvoJpaz/g/J/vVoS:ovfty/wAvN7lry0VeH8az/g/J/No

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
afc187cd9da869a35c406e07892758c8_JaffaCakes118
unpack001/out.upx

Files

afc187cd9da869a35c406e07892758c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ