ddcc9084d52c21ed51575aad3de3e552_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ddcc9084d52c21ed51575aad3de3e552_JaffaCakes118
Size

11.0MB
MD5

ddcc9084d52c21ed51575aad3de3e552
SHA1

f975152b3f55c4afacea36a3861780e421e910a4
SHA256

7fc1853c9fb4db6ae63ec934204997576560a3f30a5b5f517ad0d55528a8f6b6
SHA512

bbd5477df90298bd35c7c5666da84dc0ba7f1264f1bbb4e6d0f9d51bf08700e151e8a338dbe918f66237ddf814c934ee97bfddf6b02e645f4ad06625f9b3dd4f
SSDEEP

196608:keHj/2X8wgueBrvKUGuGm0Tc+rIjFyW3TTQV9Z0FUQS1cJNWk2:jHCMwgZB7fkw+rIjFyWfkGGcJT2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ddcc9084d52c21ed51575aad3de3e552_JaffaCakes118
unpack001/out.upx

Files

ddcc9084d52c21ed51575aad3de3e552_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 392KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 941KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icon
Size: 431KB - Virtual size: 430KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 330KB - Virtual size: 330KB

Size: - Virtual size:

Size: - Virtual size:

Size: - Virtual size:

Size: - Virtual size:

Size: - Virtual size: