b01c729ce444059fb47224e15c8b0946_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b01c729ce444059fb47224e15c8b0946_JaffaCakes118
Size

33KB
MD5

b01c729ce444059fb47224e15c8b0946
SHA1

75f74782184e245b5ac19487b6f8f8727c8b9f31
SHA256

72f17a38f27fce6c0fc0aaa30aa67d8f25b3ab87f49ece44beb7d066744b1fe2
SHA512

9089decf22cb906f5339246fc18b3d5a65438f1b5e5070423751633b2875f476b43029cc7651ae371b682bc970f87d0db01e4779eb2755777b7393d9e9d9b368
SSDEEP

768:jxXICGWwdF2QZOT2FAY+Z6YMQy913+oo6f7kcyLo:jeVW0Ly2F/Eu3+Pe75O

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b01c729ce444059fb47224e15c8b0946_JaffaCakes118
unpack001/out.upx

Files

b01c729ce444059fb47224e15c8b0946_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ