ce047b3b01b4bfd88a074ec0b5ccbe2d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce047b3b01b4bfd88a074ec0b5ccbe2d_JaffaCakes118
Size

188KB
MD5

ce047b3b01b4bfd88a074ec0b5ccbe2d
SHA1

4165cc6422eacd934d89e48a280d6f434c0a177c
SHA256

055101df0fe746e8476f72f5323a0036a0a2ddc55090a8d8a3a934c91d62d18f
SHA512

7fa6d73c34d709379407ebe5ff6c3494bb56f2433397d50545acc9125b9f291874adac4163e6dbbc82f1252fa570caf91295279df1cfc3574888c23150f2d56f
SSDEEP

3072:dx2AVRUGq6ut/9F/IvvdxQM5sDFvb6dWVuK8CuPW4VxkPFGAf6IM4M:72AVRjhi/z/2HGx6G/8vu4ViPFWt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ce047b3b01b4bfd88a074ec0b5ccbe2d_JaffaCakes118
unpack001/out.upx

Files

ce047b3b01b4bfd88a074ec0b5ccbe2d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 35.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 172KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ

.ndata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 35.3MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_MEM_READ