d3f8084bff3b3d551f6476f6b02cff1f_JaffaCakes118

General

Target

d3f8084bff3b3d551f6476f6b02cff1f_JaffaCakes118
Size

669KB
MD5

d3f8084bff3b3d551f6476f6b02cff1f
SHA1

97fabb1f7a7e99e8a9261f83def64576014928e4
SHA256

a3bc4dbc710a8437bd51ebdd020f9a536e6fd82edf2d6b82e474d3fa7ee1a552
SHA512

3fda436798d55038f1c94de09a8e5c7b78ab0c5436d4f331a3b4de41effd9c54f9ec260ce10f8357366ece2ea5f64521dd9961178147c0032e96e86d02e87be4
SSDEEP

12288:yBc+XKix5v7kfucUZwB7CRB7G80RTx+FxNOMfA33sUKpfcsFmcyouSKhK6udcKwN:yBQi3vQ4Z+7CRNMNxSXA33OpfPFmcyoI

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d3f8084bff3b3d551f6476f6b02cff1f_JaffaCakes118
unpack001/out.upx

Files

d3f8084bff3b3d551f6476f6b02cff1f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 324KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 652KB - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.0MB

UPX1 Size: 324KB - Virtual size: 328KB

.rsrc Size: 344KB - Virtual size: 344KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 537KB - Virtual size: 536KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 11KB - Virtual size: 28KB

.rsrc Size: 652KB - Virtual size: 651KB

.reloc Size: 29KB - Virtual size: 28KB

UPX0
Size: - Virtual size: 1.0MB

UPX1
Size: 324KB - Virtual size: 328KB

.rsrc
Size: 344KB - Virtual size: 344KB

.text
Size: 537KB - Virtual size: 536KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 11KB - Virtual size: 28KB

.rsrc
Size: 652KB - Virtual size: 651KB

.reloc
Size: 29KB - Virtual size: 28KB