ce9dc26a5c9b6ed2efbbe1f4cc75ec03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce9dc26a5c9b6ed2efbbe1f4cc75ec03_JaffaCakes118
Size

124KB
MD5

ce9dc26a5c9b6ed2efbbe1f4cc75ec03
SHA1

b4d67593ac92101a0978c3e54121d637bd5e79d8
SHA256

c2a4c8cb1dab02d7d42befd78914b7120992f66180ad9ee0a77f883c17e5a15a
SHA512

e92069c73f9b6cab1fc439bc504cb1c48a694ab3ba16f03b7936627dfac2c8fe211d5c82aec6a9ecccf9db783433ce0c239e0879ce9185be768bff865755ab8f
SSDEEP

3072:nYebFwUrrEZ8v8vu8TRYPQn0tx1pISLQFV8+HW+m:nXx0Z8v8vKPQn0txvQFV8+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce9dc26a5c9b6ed2efbbe1f4cc75ec03_JaffaCakes118

Files

ce9dc26a5c9b6ed2efbbe1f4cc75ec03_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

fork
forkonce

Sections

UPX0
Size: - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ