b3691c2554fc2f1df147d911765285bc_JaffaCakes118 | Triage

Sharing

General

Target

b3691c2554fc2f1df147d911765285bc_JaffaCakes118
Size

34KB
MD5

b3691c2554fc2f1df147d911765285bc
SHA1

93c9b7f56056d8f81abd780b19916e71bc4b6a0c
SHA256

5256f4ac37a4e4bcf2ece1a922f9fcb562a312278468d48a9f2d269757b4695d
SHA512

78d152fe700bbea3c0c3c23308f80627bf67cc4cbc5afd60f8513a4eda76c4fee635b94ca17ec48046eac7558f8121217c92a71658d8bcc69f893027900b817a
SSDEEP

768:5dXeEVe+lWp2yxzMVhUh0uP3kPg+tPIK/:DXrohCVhWPj+1IK/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b3691c2554fc2f1df147d911765285bc_JaffaCakes118
unpack001/out.upx

Files

b3691c2554fc2f1df147d911765285bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ