b1eb88772ffba56e84cc340cbbb44252_JaffaCakes118 | Triage

Sharing

General

Target

b1eb88772ffba56e84cc340cbbb44252_JaffaCakes118
Size

92KB
MD5

b1eb88772ffba56e84cc340cbbb44252
SHA1

714a654184e3b025edff95b4b15cff4e693caefe
SHA256

386aede054ba8f152fc57f5f240411da8915d09e0cab19ccbcdf1cfe16771927
SHA512

dbd32ddde83dfc9889885b018fa27806f878519cacad47449dd71e7e5d91d12255c5a6109a12ecea9ed4ab1d79374ff6ceb5411fa01aea3bd9902d5c82e154c1
SSDEEP

1536:bxjQd3mvHwINCl3oKJ+sun7t/2L9syTxFTgAaGPC8/O65r8NSRDnHC1V:BQgvHXNCl1gN7t/01Nlau/O65r8wiD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b1eb88772ffba56e84cc340cbbb44252_JaffaCakes118
unpack001/out.upx

Files

b1eb88772ffba56e84cc340cbbb44252_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 188KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ