c1c73a747e84cce3e7f8b0c6372ff22d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1c73a747e84cce3e7f8b0c6372ff22d_JaffaCakes118
Size

132KB
MD5

c1c73a747e84cce3e7f8b0c6372ff22d
SHA1

b84bb0b11d0ff5cd45a63224c44ccb771bb10f4d
SHA256

e94480646e615ce8c14cd55ee470352953659f856e1250065f48f1b71c734fd6
SHA512

efe475557dc272b262159d61d836029bb9109adcb70a66371e209388920c64a92a76b9ea13328c7c2e97433ea81fbdabf84cac5cc30aa8ffdc68c902f3de3009
SSDEEP

3072:IoJEIHdmROJqz/85e7YCmFp3JJyf3O96f:VSkdmRBJ7JwpZJu3O9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c1c73a747e84cce3e7f8b0c6372ff22d_JaffaCakes118
unpack001/out.upx

Files

c1c73a747e84cce3e7f8b0c6372ff22d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 123KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ