d74dc86cbe16ed3104249e0ff16d18fa_JaffaCakes118 | Triage

Sharing

General

Target

d74dc86cbe16ed3104249e0ff16d18fa_JaffaCakes118
Size

145KB
MD5

d74dc86cbe16ed3104249e0ff16d18fa
SHA1

c201d4806edd4e04ffa4f12b5238910e73eaf004
SHA256

67f674ccbedb917240e0b6f9ffe619a327aeeebaf5763243a68e574ba929c21d
SHA512

bad4551320f62a83838bec3ac6ac0baddb2ab95ad88df3d29b7068b1149a046641e1c61e6363f46e772c38a64a974109139b440ab876ae433187181c68a27040
SSDEEP

3072:bKTeNHxCCUSJhRg/PvYdiS5dIU2Xzz7gEFHxNDldxa:eTawCUSzS/bS5mblHxPG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d74dc86cbe16ed3104249e0ff16d18fa_JaffaCakes118

Files

d74dc86cbe16ed3104249e0ff16d18fa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 9.0MB - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_WRITE

UPX1
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.A.Vi.RA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.F.U.C.K
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE