b0dcd75688343b21ab39182b7a0c2125_JaffaCakes118

General

Target

b0dcd75688343b21ab39182b7a0c2125_JaffaCakes118
Size

150KB
MD5

b0dcd75688343b21ab39182b7a0c2125
SHA1

f14e6e7fdba3ff9bac3631adbdbde4e6930faa16
SHA256

bb7eb8399ff92dc0e7c4332fdf8709149f2ab3183e045f950211b529c883ae5a
SHA512

58d38dd1502cb0261004141a38068859c0fa2ea12e03242dbd62dabba3f597905dd7a4cc5ea0a05ced3b681ae3090290edeb351b4a2e8c2ac911504a2f2fa4e7
SSDEEP

3072:Odyz7JOZZYgMtUCv3y7XNm8mjlUoLtcFuka19wDEmPcnN1qA9f:EyzVOfYgMuCv3Ug82lUwivU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b0dcd75688343b21ab39182b7a0c2125_JaffaCakes118
unpack001/out.upx

Files

b0dcd75688343b21ab39182b7a0c2125_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.katsrrv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ffre
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cylednh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydsb
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dxort
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wmxb
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hmlmrei
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 68KB

UPX1 Size: 133KB - Virtual size: 136KB

.rsrc Size: 16KB - Virtual size: 16KB

Headers

File Characteristics

Sections

.katsrrv Size: 512B - Virtual size: 4KB

.ffre Size: 82KB - Virtual size: 82KB

.cylednh Size: 512B - Virtual size: 4KB

.ydsb Size: 1024B - Virtual size: 918B

.dxort Size: 512B - Virtual size: 4KB

.wmxb Size: 75KB - Virtual size: 75KB

.hmlmrei Size: 15KB - Virtual size: 15KB

UPX0
Size: - Virtual size: 68KB

UPX1
Size: 133KB - Virtual size: 136KB

.rsrc
Size: 16KB - Virtual size: 16KB

.katsrrv
Size: 512B - Virtual size: 4KB

.ffre
Size: 82KB - Virtual size: 82KB

.cylednh
Size: 512B - Virtual size: 4KB

.ydsb
Size: 1024B - Virtual size: 918B

.dxort
Size: 512B - Virtual size: 4KB

.wmxb
Size: 75KB - Virtual size: 75KB

.hmlmrei
Size: 15KB - Virtual size: 15KB