b34e948416765e8746308dec46001ff7_JaffaCakes118

General

Target

b34e948416765e8746308dec46001ff7_JaffaCakes118
Size

297KB
MD5

b34e948416765e8746308dec46001ff7
SHA1

d9801e04e97a2929cec107f7033bf97f661d02cc
SHA256

4e34c69f4dc6c935564d10b130e80f60ed2d1cf6d016babf8be8f38d998124a2
SHA512

bfbbf3d90f0efde46cf822b1e89e67923db913b96bcb49a277f0025eeec4f0438fc348ba69e27dca5e35abdedb9d0b4fc62743cfb127d943fd1b864c85f3d1f1
SSDEEP

6144:FEpcRAk9eIArs96ZBEUGm+jTJFy+zu1XIGj1PBeSZyti:hu+Eg96ZaUGm+3Ol1YGjz

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b34e948416765e8746308dec46001ff7_JaffaCakes118
unpack001/out.upx

Files

b34e948416765e8746308dec46001ff7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 294KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 172KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3.2MB - Virtual size: 3.4MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ

.reloc
Size: 250KB - Virtual size: 252KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 3.8MB

UPX1 Size: 294KB - Virtual size: 296KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 172KB - Virtual size: 176KB

.text Size: 172KB - Virtual size: 176KB

.ndata Size: 20KB - Virtual size: 20KB

.data Size: 3.2MB - Virtual size: 3.4MB

.rdata Size: 32KB - Virtual size: 32KB

.reloc Size: 250KB - Virtual size: 252KB

.rsrc Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 3.8MB

UPX1
Size: 294KB - Virtual size: 296KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 172KB - Virtual size: 176KB

.text
Size: 172KB - Virtual size: 176KB

.ndata
Size: 20KB - Virtual size: 20KB

.data
Size: 3.2MB - Virtual size: 3.4MB

.rdata
Size: 32KB - Virtual size: 32KB

.reloc
Size: 250KB - Virtual size: 252KB

.rsrc
Size: 2KB - Virtual size: 1KB