dcfff3b284e9845765c34cb412e6e89d_JaffaCakes118

General

Target

dcfff3b284e9845765c34cb412e6e89d_JaffaCakes118
Size

465KB
MD5

dcfff3b284e9845765c34cb412e6e89d
SHA1

fba1ef0abd42d0bc4d8561c417dd6d1673c0dc52
SHA256

176c2748c559b1cca73c8707dc336c48589ed0b5b1b9488e2d641230256f0c75
SHA512

b2b810de204b95f4a6325ffebbe1dee00f07afc25e836e42a79ead7cb84e1cefbfacd363d697ce1ad33b7b8febc141692094f405fe5f640e9486ce7c7146cd6c
SSDEEP

12288:kKDdj0qWw3Nbw3VNe/TtR7sYCBWQrMtpb28MM+o:FJrWw1z/8sh28MMN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
dcfff3b284e9845765c34cb412e6e89d_JaffaCakes118
unpack001/out.upx

Files

dcfff3b284e9845765c34cb412e6e89d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 4.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 409KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 692KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 4.6MB

UPX1 Size: 409KB - Virtual size: 412KB

.rsrc Size: 55KB - Virtual size: 56KB

Headers

File Characteristics

Sections

CODE Size: 692KB - Virtual size: 691KB

DATA Size: 20KB - Virtual size: 19KB

BSS Size: - Virtual size: 15KB

.idata Size: 12KB - Virtual size: 12KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 42KB - Virtual size: 41KB

.rsrc Size: 4.2MB - Virtual size: 4.2MB

UPX0
Size: - Virtual size: 4.6MB

UPX1
Size: 409KB - Virtual size: 412KB

.rsrc
Size: 55KB - Virtual size: 56KB

CODE
Size: 692KB - Virtual size: 691KB

DATA
Size: 20KB - Virtual size: 19KB

BSS
Size: - Virtual size: 15KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 4.2MB - Virtual size: 4.2MB