c1728069dca54a56d50ab1f738716e6f_JaffaCakes118

General

Target

c1728069dca54a56d50ab1f738716e6f_JaffaCakes118
Size

755KB
MD5

c1728069dca54a56d50ab1f738716e6f
SHA1

87da19a41087a5c4dbe2bb542c1937e4585855e2
SHA256

409d002ef23211487167b691ad8b110d122edb6febc570eb5f0a4eada4791a7a
SHA512

5dc8bd18068f43b815e0ed792e88b2c82323956c6bbb9dcefebf0926bccb3843440e77cae6275e305e1deb19f4c2b7dd5e7ad9f572968329e5bd6d83b20a2822
SSDEEP

12288:HWuP/c8I+ffhw6oFzxVs90gvA5vVHQeDCtWHWs5Ttdw/DM1lo1Yl6L9ne1wuk3Lm:HW8/cWfJ901JlvGKCJs54M1OYgLwwukq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c1728069dca54a56d50ab1f738716e6f_JaffaCakes118
unpack001/out.upx

Files

c1728069dca54a56d50ab1f738716e6f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 751KB - Virtual size: 752KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 225KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 117KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pseudo
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.5MB

UPX1 Size: 751KB - Virtual size: 752KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.data Size: 225KB - Virtual size: 228KB

Size: 117KB - Virtual size: 380KB

Size: 2KB - Virtual size: 4KB

.rsrc Size: 39KB - Virtual size: 39KB

.idata Size: 12KB - Virtual size: 16KB

.pseudo Size: 5KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 1.5MB

UPX1
Size: 751KB - Virtual size: 752KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 1.6MB - Virtual size: 1.6MB

.data
Size: 225KB - Virtual size: 228KB

.rsrc
Size: 39KB - Virtual size: 39KB

.idata
Size: 12KB - Virtual size: 16KB

.pseudo
Size: 5KB - Virtual size: 8KB