d4f69bd30766cfec3210f34dc725ee17_JaffaCakes118

General

Target

d4f69bd30766cfec3210f34dc725ee17_JaffaCakes118
Size

134KB
MD5

d4f69bd30766cfec3210f34dc725ee17
SHA1

bb3dd77faf14bb00291aa6b651538c3a858c53b0
SHA256

4031007d6fd13902497e3481a64dd3130e0e6fd2a739448a6f9bed2fb74a059d
SHA512

55809c76498156f73c9cf2ac57597ac131c8edb4513750530c4c8713e896bc87fe478a0a78d48559c8583e2b6ca423701077e341ecd3555d434c960a5d750973
SSDEEP

3072:GgftEpw7GtewNcxvuAOYS76M7dLEIPOwPCZTHOUs/7cVN4/:GetYIxwjYMJ4fICZr3s/Yvq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
d4f69bd30766cfec3210f34dc725ee17_JaffaCakes118
unpack001/out.upx

Files

d4f69bd30766cfec3210f34dc725ee17_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 293B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 830B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 92KB

UPX1 Size: 132KB - Virtual size: 136KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 15KB - Virtual size: 15KB

DATA Size: 182KB - Virtual size: 182KB

BSS Size: - Virtual size: 293B

.idata Size: 1024B - Virtual size: 830B

.reloc Size: 512B - Virtual size: 400B

.rsrc Size: 1024B - Virtual size: 1024B

UPX0
Size: - Virtual size: 92KB

UPX1
Size: 132KB - Virtual size: 136KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 15KB - Virtual size: 15KB

DATA
Size: 182KB - Virtual size: 182KB

BSS
Size: - Virtual size: 293B

.idata
Size: 1024B - Virtual size: 830B

.reloc
Size: 512B - Virtual size: 400B

.rsrc
Size: 1024B - Virtual size: 1024B