cf4229fcd067fc7130e82721800fa83e_JaffaCakes118

General

Target

cf4229fcd067fc7130e82721800fa83e_JaffaCakes118
Size

566KB
MD5

cf4229fcd067fc7130e82721800fa83e
SHA1

1770c1803b97660cffd52fd5c206c3b54d1a02b9
SHA256

b4dbff6213bec51cf249953eef37bfc19a5515bd9995653cd3d727f82b2dfb46
SHA512

0d4a8697a882236e0cc74aab9b6ce780ad1f1cbd29c5a6eb8e7ddeb812a6f38ba571420379d8d4415e8ea1e8d7e904af21b0b964c8f23cacf6e18f772feec943
SSDEEP

12288:V9bXI+rNsWlDjm+BpbhahgistuKVy17TMURUCR13Cz3lQHX9:VFISsoDNB6hgHs5TMU9R1MG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
cf4229fcd067fc7130e82721800fa83e_JaffaCakes118
unpack001/out.upx

Files

cf4229fcd067fc7130e82721800fa83e_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 116B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 160KB

UPX1 Size: 84KB - Virtual size: 88KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 143KB - Virtual size: 142KB

DATA Size: 6KB - Virtual size: 6KB

BSS Size: - Virtual size: 3KB

.idata Size: 5KB - Virtual size: 5KB

.tls Size: - Virtual size: 116B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: - Virtual size: 8KB

.rsrc Size: 45KB - Virtual size: 45KB

UPX0
Size: - Virtual size: 160KB

UPX1
Size: 84KB - Virtual size: 88KB

.rsrc
Size: 3KB - Virtual size: 4KB

CODE
Size: 143KB - Virtual size: 142KB

DATA
Size: 6KB - Virtual size: 6KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 5KB

.tls
Size: - Virtual size: 116B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: - Virtual size: 8KB

.rsrc
Size: 45KB - Virtual size: 45KB