c7e33cefdb6e0578043e592f035ef56d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7e33cefdb6e0578043e592f035ef56d_JaffaCakes118
Size

105KB
MD5

c7e33cefdb6e0578043e592f035ef56d
SHA1

4f4b4783c1f017bee24fbe58e3ee32b753494697
SHA256

5939b0f61636a41db9a22c326f36327d81389930df75fce6ff45c4b068253693
SHA512

bf68262c573a7d726fdc2e7961813db45dad946b4f44d4de04e0d46597f3c139f050ac951607aa4c20283d9dc3bc2485fcd2038cf704c797ab4c27e8f8fdd052
SSDEEP

1536:OWH9bZUsMpeJm1/fMaOnBF9fHmuU6AqZ98y0PRL7koW6RQXu:d9OTd03n9fHmud1j8y0177tRQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
c7e33cefdb6e0578043e592f035ef56d_JaffaCakes118
unpack001/out.upx

Files

c7e33cefdb6e0578043e592f035ef56d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ