b5cbedf2313fc23428906798370c17ed_JaffaCakes118 | Triage

Sharing

General

Target

b5cbedf2313fc23428906798370c17ed_JaffaCakes118
Size

85KB
MD5

b5cbedf2313fc23428906798370c17ed
SHA1

078845f15333cb9731597b1d2f1c27bfcd0b4297
SHA256

33cc6579e985579c178ab77c2429497c5bb0c1e2b83f46bba41aa8733fa70f36
SHA512

daec1b49e6fc6e2f0774d8ce73a1c60fd17733eaba2438832fcc5802a92b7c382528a05a38bd9f98a31c4af92fbcb00c2801c0415db5e47dd22adf8255df904e
SSDEEP

1536:iJYrCTD6ywHX/vpMKaz5+DzK9zkuMomGyy5j1ZeyY43X9kPE5FZtHR:sY+TuywHPvpi/ww1+ytIE5FZtHR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5cbedf2313fc23428906798370c17ed_JaffaCakes118

Files

b5cbedf2313fc23428906798370c17ed_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ESV
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ESV
.rsrc/1033/GROUP_ICON/103
.rsrc/1033/ICON/1.ico
.rsrc/1033/ICON/2.ico
.rsrc/1033/ICON/3.ico
.rsrc/1033/ICON/4.ico
.rsrc/1033/ICON/5.ico
.rsrc/1033/ICON/6.ico
.rsrc/1033/ICON/7.ico
.rsrc/1033/ICON/8.ico
.rsrc/1033/ICON/9.ico
.rsrc/1033/MANIFEST/1
.xml
.rsrc/2052/version.txt
UPX1