bddba9b16ed6bded6e48b60e8c59ac10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bddba9b16ed6bded6e48b60e8c59ac10_JaffaCakes118
Size

307KB
MD5

bddba9b16ed6bded6e48b60e8c59ac10
SHA1

cf9bfe754425dd1ccaf33f0987d937ac059226d6
SHA256

d8dee297e2e3d27088d50b1d22579b95fd1dd8080f524e2953d621a418251fe3
SHA512

e7202eac7ecefd5f07f274d4fa12581bc9b3c37dbc589e0837878f9a09f5b725e5188b0af6458ef51710ee9b38eadf194e301452f0079741870d51e19e29cd69
SSDEEP

6144:VJd5FCQ+UpXawmRpqn3sBpjLrf89GopPc35+vZYJDfUmCB:j9CQBp7qI8vPo7qpogDfo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bddba9b16ed6bded6e48b60e8c59ac10_JaffaCakes118

Files

bddba9b16ed6bded6e48b60e8c59ac10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 135KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE