e7ad677d44d7652fe49e71095e2d9811_JaffaCakes118

General

Target

e7ad677d44d7652fe49e71095e2d9811_JaffaCakes118
Size

461KB
MD5

e7ad677d44d7652fe49e71095e2d9811
SHA1

5ff65ad254c2d66fd1c616ce2de79bfcbb9c0d75
SHA256

d46fdddd02a815cf2289ab5ac60007d50e846934dff9e2e4ef21059f4d270c8b
SHA512

5eb458dc773ffbf65cf99733803acd6af9e7be959a7b6f2d25c418c76589b0a5204ecebff28b053567cfb22081948c1af41d68909392a76001d0f8f5545c90ff
SSDEEP

12288:V73bk0H7QSv4QipraiOoiKkdLppYHQ/DQxTevD7/e:XHEm43praOmdLpKQ/DXDL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
e7ad677d44d7652fe49e71095e2d9811_JaffaCakes118
unpack001/out.upx

Files

e7ad677d44d7652fe49e71095e2d9811_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 408KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 454KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 405KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 408KB

UPX1 Size: 454KB - Virtual size: 456KB

.rsrc Size: 5KB - Virtual size: 8KB

Headers

File Characteristics

Sections

CODE Size: 405KB - Virtual size: 404KB

DATA Size: 94KB - Virtual size: 94KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 31KB - Virtual size: 31KB

.rsrc Size: 289KB - Virtual size: 289KB

UPX0
Size: - Virtual size: 408KB

UPX1
Size: 454KB - Virtual size: 456KB

.rsrc
Size: 5KB - Virtual size: 8KB

CODE
Size: 405KB - Virtual size: 404KB

DATA
Size: 94KB - Virtual size: 94KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 289KB - Virtual size: 289KB