c7ada6932e2c40ea0e34128d8319af35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7ada6932e2c40ea0e34128d8319af35_JaffaCakes118
Size

76KB
MD5

c7ada6932e2c40ea0e34128d8319af35
SHA1

eadaeaddeebb7a4f11ffc72a2df4ce4798b297e5
SHA256

8f7e9485ec58c90c9c26ac2de4b2e25eaec464edab6ebb9490bba8be42324a73
SHA512

fa9c9d1cf1fd1d4d9b153d1cb90b59fc38c42df41e4e012d3e1481aad887608f1e8e96002113a315a36beae02f9bd60b47a7120c87057626f6387b49d0fc4a62
SSDEEP

1536:TB+VYu2yJMui2q0sRFctV2u0oDgEKOns0ULlmKfX5m2xo:TUVK0q/FctV2Reg6sd1f5m2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c7ada6932e2c40ea0e34128d8319af35_JaffaCakes118
unpack001/out.upx

Files

c7ada6932e2c40ea0e34128d8319af35_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ