bdd8318b61cedf2e36f19c9daba2e834_JaffaCakes118 | Triage

Sharing

General

Target

bdd8318b61cedf2e36f19c9daba2e834_JaffaCakes118
Size

27KB
MD5

bdd8318b61cedf2e36f19c9daba2e834
SHA1

7114e121d94f451d2bd494baa1fd73a058037cc7
SHA256

034b38abb3530c0f5501a6c32312baeb02e3cd2245af5d1ed205782b59b82049
SHA512

5024c00317b4188a261f9048a40b7f39017e2b80859f0638604bd8b6c76043a2adf54d1cfe074a00b5141e757e0b23493a76b9f99db02edb9cdc58e17eba7d96
SSDEEP

384:MDNy5VPnby2Lm+bW9SSBJF+9Fc8jrbcQjn0lFIh76Xsj2SB+SDMSkUIXYT1kBEg:MxmVPnGaWF+9zFBJksj2mrDMSley1Q

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
bdd8318b61cedf2e36f19c9daba2e834_JaffaCakes118
unpack001/out.upx

Files

bdd8318b61cedf2e36f19c9daba2e834_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ