b42f0c062025fc95e4847e92f3d20627_JaffaCakes118

General

Target

b42f0c062025fc95e4847e92f3d20627_JaffaCakes118
Size

159KB
MD5

b42f0c062025fc95e4847e92f3d20627
SHA1

86f18b102ee7e36eb23d9ba450bf3f9b0a0deddd
SHA256

108c6a11d6bdd50cb5dc38f9d1bfa050eff0aefa8347b3a989ff95577108be1d
SHA512

77239c3fc5f4f71ca9009188099f00e25de0a7649951d92568f6a467f59a37d998b5f8773b462026e7bb1ef7671cd4d745d7be78dcc375ed1b03e3b239d094f5
SSDEEP

3072:2zNp03zBWfL5iJZb1UsCYcUwPp7gidEBrQMYZMvjz5LPPz7jsve8Zlc1Z+Ll2LDc:25y3zYD5iZB4Yf4BUrQMUcjtPLPoewK1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b42f0c062025fc95e4847e92f3d20627_JaffaCakes118
unpack001/out.upx

Files

b42f0c062025fc95e4847e92f3d20627_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_SYSTEM
IMAGE_FILE_DLL

Sections

.text
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 64KB

UPX1 Size: 155KB - Virtual size: 156KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 1024B - Virtual size: 3KB

.text Size: 1024B - Virtual size: 2KB

.text Size: 176KB - Virtual size: 176KB

.text Size: 1024B - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 155KB - Virtual size: 156KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 1024B - Virtual size: 3KB

.text
Size: 1024B - Virtual size: 2KB

.text
Size: 176KB - Virtual size: 176KB

.text
Size: 1024B - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 1KB