b35ceadff197af2370d22bacc186c63e_JaffaCakes118 | Triage

Sharing

General

Target

b35ceadff197af2370d22bacc186c63e_JaffaCakes118
Size

123KB
MD5

b35ceadff197af2370d22bacc186c63e
SHA1

86ad89ceb429e4a6cd8ee3775f6763228c322bd1
SHA256

69b1bd4325a79395e35bed17803478f51e8162bb7a9d93cf1c31a02f175d5921
SHA512

b5e296c5200ca6fc7c5a278970634128d710d649943edc2fdf47b2bbc6c62efffe0a2faabfaa57db55df12b85ade3ff19796d0be4e3b8b98cfde082c3a7db1a8
SSDEEP

3072:ueSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLc6yYds6:uVYrJrOSsRwcpBC6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b35ceadff197af2370d22bacc186c63e_JaffaCakes118

Files

b35ceadff197af2370d22bacc186c63e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

42vab535
Size: 62B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqvrztrg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ