b83e155e11592506c7152fa5cc3059a1_JaffaCakes118

General

Target

b83e155e11592506c7152fa5cc3059a1_JaffaCakes118
Size

194KB
MD5

b83e155e11592506c7152fa5cc3059a1
SHA1

b115df697a47c8496bf41c5bd558ae116fcae436
SHA256

c105909a7677e828c1152cb1836e3822976458204d7c8cf76a8e928a59f6cb13
SHA512

8524c0af5aec06bdc433b2465b52e714a51d053910501d3fd408952fbe71172f8951f9fd791d0e94695d5af4ddd59767652ba0e40402b759ed4798afbd832fff
SSDEEP

6144:gpDfmDMRrkTHr/FlHJqhUNr9HUPj7pAdsRZcqj+:ggoO5lTf0Pj72diZt+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b83e155e11592506c7152fa5cc3059a1_JaffaCakes118
unpack001/out.upx

Files

b83e155e11592506c7152fa5cc3059a1_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 64KB

UPX1 Size: 189KB - Virtual size: 192KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 137KB - Virtual size: 136KB

.pdata Size: 3KB - Virtual size: 2KB

.data Size: 75KB - Virtual size: 74KB

.rdata Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

.pdata Size: 3KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 64KB

UPX1
Size: 189KB - Virtual size: 192KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 136KB

.pdata
Size: 3KB - Virtual size: 2KB

.data
Size: 75KB - Virtual size: 74KB

.rdata
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 2KB