c280095e8a49fd7079cddb1f483159ce_JaffaCakes118

General

Target

c280095e8a49fd7079cddb1f483159ce_JaffaCakes118
Size

382KB
MD5

c280095e8a49fd7079cddb1f483159ce
SHA1

670e01c4643f8607fb7d5132db4b52f8a471f7ee
SHA256

9d05768f1b09819c6ef2bf34e5542516eae541263806a99d6ce19f6792f31d19
SHA512

b262a531ed63a382924ea75a79371113c14a7b805edee7b982362bb9712b43c26b7854fab00b0965a02791928926ce62980f12d3f7bf4dad43db99879daa2d34
SSDEEP

6144:MdPrqgqBflrdZS4XYM75YaQsUHs6AIoPP6DBl77Ibf/uPE21DdtT+0/qhcn9HAwm:Mdzqg0ZLN1Rq9Iz/uPEUDWSlNgEu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c280095e8a49fd7079cddb1f483159ce_JaffaCakes118
unpack001/out.upx

Files

c280095e8a49fd7079cddb1f483159ce_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 58KB - Virtual size: 60KB

.rsrc Size: 6KB - Virtual size: 8KB

Headers

File Characteristics

Sections

CODE Size: 94KB - Virtual size: 93KB

DATA Size: 12KB - Virtual size: 12KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 11KB - Virtual size: 10KB

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 58KB - Virtual size: 60KB

.rsrc
Size: 6KB - Virtual size: 8KB

CODE
Size: 94KB - Virtual size: 93KB

DATA
Size: 12KB - Virtual size: 12KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 11KB - Virtual size: 10KB