dc55c8b5e4b253efa899149a6d3fcbdb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc55c8b5e4b253efa899149a6d3fcbdb_JaffaCakes118
Size

652KB
MD5

dc55c8b5e4b253efa899149a6d3fcbdb
SHA1

bce75d935a98c6428ba9bbd468c6ba5998fb94ab
SHA256

a6568fed333dab2fdda81979aee0bd0d07955115173b51e554b15d4796390a8f
SHA512

c9bae68ded2c532a42fd920c20b930317dbbf2706cf4c1200bf57db023373dcca45b351281350e81b81ecf424542da897e09b4cf2ca5c0fb2525e62c216179fd
SSDEEP

12288:Tm9LVj+YRee6OMNPFfyzPmVOIjTfaKSAfGB5YXFMTXxDZFP:Tm9xj+Dtf0mVfuKsyQd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
dc55c8b5e4b253efa899149a6d3fcbdb_JaffaCakes118
unpack001/out.upx

Files

dc55c8b5e4b253efa899149a6d3fcbdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 646KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ