b6ed05aa587749ce2aff551024b7ca9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6ed05aa587749ce2aff551024b7ca9d_JaffaCakes118
Size

425KB
MD5

b6ed05aa587749ce2aff551024b7ca9d
SHA1

bc7a7286d77bf7c7b1ed6afc72da4be6598d4dee
SHA256

c61de6250371ca7e1e61047b450cd9ee55318d12b32f341e11650b9d6bf9da8d
SHA512

0094ec73e0e8e6362e685e8ba5bdf342488d99d6d77a7a6a213b98ee45e7d68b23ad7514bcc8faf990da1a94a5a20d555019669338944b1e58c58144a667cc77
SSDEEP

12288:nCDk9WDCuTyp2DLWIr+hgljU3Faa2cjU3Faa2U:nP9WD16mLWIrFpWBVWBf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b6ed05aa587749ce2aff551024b7ca9d_JaffaCakes118
unpack001/out.upx

Files

b6ed05aa587749ce2aff551024b7ca9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 226KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ