dadd8d441cdae1b9764efbb157a50d43_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dadd8d441cdae1b9764efbb157a50d43_JaffaCakes118
Size

84KB
MD5

dadd8d441cdae1b9764efbb157a50d43
SHA1

f8a10d8c0b4a00ef471160ae172d72b15444765b
SHA256

c2da68069a4b2c7cb6e44373ca92a06db74a82c818d726b675a82bd1d534efad
SHA512

7bc60aa89fbebce0272bbc3f3469c4954c7c7a45a8c36d2ee273b4f52eada60d189e7283d633b23c68dc4165a84c0f8f29fc3624b4ef7214f085c9a73bbe40e2
SSDEEP

1536:ydAcFti+eqMTDQU0+MmiHwDlHJMVencA8YkaxnzSQgECTttlXzd:yucFnetPQ0MmAqH3AY9zSZEqtnh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
dadd8d441cdae1b9764efbb157a50d43_JaffaCakes118
unpack001/out.upx

Files

dadd8d441cdae1b9764efbb157a50d43_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 77KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ