b063dffaeb0bffd9da4b090e16567920_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b063dffaeb0bffd9da4b090e16567920_JaffaCakes118
Size

86KB
MD5

b063dffaeb0bffd9da4b090e16567920
SHA1

a46ce90e1d3bb8cc3be5f55840877052455cab80
SHA256

6777f1f7c55dd2ba9385695aa42f47b1779517898bbf9db81e0b8afd631626db
SHA512

e053d40e0ba5405cb0c17477ebc766164c8bdca80d50854ea0d5a6bc5be24fc0502d2a78312af2d59e33eee1415f56f092fd8c5e2a8036dbe54d908a67b2e639
SSDEEP

1536:YKIh2dz0PkNwMgu06uxqCOJI0WPl83AhQdFj8WDk4fG:XrdokwQ0bq9WmpPG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b063dffaeb0bffd9da4b090e16567920_JaffaCakes118
unpack001/out.upx

Files

b063dffaeb0bffd9da4b090e16567920_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ