de73c1429ab080397315df70297b62fd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de73c1429ab080397315df70297b62fd_JaffaCakes118
Size

133KB
MD5

de73c1429ab080397315df70297b62fd
SHA1

53d34ffeb5c63bbe56c98d06b28163c58ddef157
SHA256

9d9978011e765b265013eee1560647147ee8d8390a0dab4f44236b0616a85d39
SHA512

558ab3f3be58f090d23f3d8e5a830b81de37e7cc141d32b69678338a634253bda850d7026c59988fa88a66ddce542d88f221e6f4b39683e21fa1918f4c9bde70
SSDEEP

3072:lqq0c+oelSm9AemN4lX4Jm4f3i0sT8IDE+AFKXPVvk/:lCc+Blnuo94Jm4fybwIDEXoPFk

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
de73c1429ab080397315df70297b62fd_JaffaCakes118
unpack001/out.upx

Files

de73c1429ab080397315df70297b62fd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ