d3219f9ed91853f2a39b77c94acada1a_JaffaCakes118

General

Target

d3219f9ed91853f2a39b77c94acada1a_JaffaCakes118
Size

69KB
MD5

d3219f9ed91853f2a39b77c94acada1a
SHA1

1d2ef4d3001d9497f4cd860de689ac948b379282
SHA256

38e1cc18aab2e73ab682b25900dd4b0243bcc6e49c19c328f36c775b938dbdce
SHA512

1aea5f089d47fe0c6900ced8a5fce6a901e1084e4285a96a2d1a9276c2fd0cd73141193ec4be50514224ae7b4ee548d4983d89597adadc3b427f1869d076e8f5
SSDEEP

1536:9XhqFTd1mHfqaeUQYiK8I8rFv1i2ZnVM9ffMWhQgN7MEQBD:9X812fVhEK8I+lnbWSsMEC

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
sample	acprotect

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d3219f9ed91853f2a39b77c94acada1a_JaffaCakes118
unpack001/out.upx

Files

d3219f9ed91853f2a39b77c94acada1a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 116KB

UPX1 Size: 67KB - Virtual size: 68KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

CODE Size: 132KB - Virtual size: 132KB

DATA Size: 2KB - Virtual size: 2KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

UPX0
Size: - Virtual size: 116KB

UPX1
Size: 67KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 132KB - Virtual size: 132KB

DATA
Size: 2KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB