c8513db11a32067d128a4181f4138861_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8513db11a32067d128a4181f4138861_JaffaCakes118
Size

2.7MB
MD5

c8513db11a32067d128a4181f4138861
SHA1

65ba38fc3b76eb690dd271d82493b2731a33a232
SHA256

44ec38ab8f29fddada08ad477f33a96cf7cde1149ebece5e3ca474d95dcca228
SHA512

dc663f4f141ca7557abb982e3395e84a05dda690c70b41c9c7d983e479e3f72570404cff34b982f4b7ee726ba4a0a2bdc1c012dd2bf3fdcff8ab344cf2d76800
SSDEEP

49152:y44duane4lB55LaKBkyqvzVxjuTe3a6xqzZL44dIWH4eNl4MGKBf3kqSzVtuuROa:y5uww7v/juTqxqzZL5IWTJ3pSTuuRnam

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/Setup.exe	upx
static1/unpack001/Setup/Setup.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup.exe
unpack001/Setup/Setup.exe

Files

c8513db11a32067d128a4181f4138861_JaffaCakes118
.rar
Serial No..txt
Setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Setup/Serial No..txt
Setup/Setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE