ead5dc70f25dcd1d67017c6af36183bb_JaffaCakes118

General

Target

ead5dc70f25dcd1d67017c6af36183bb_JaffaCakes118
Size

669KB
MD5

ead5dc70f25dcd1d67017c6af36183bb
SHA1

32cc581362583215e4da08d7b0a74a0fb65bad23
SHA256

ae0510e8e6f3b96775d50c644b3f87cab81e6030a401d5116ef311f4d3318bfb
SHA512

0b25d0b159e11c6cd7979147badfdba3340238c933bcf9351f5a58840744f160296a74e1704b837e0b538a92f74a10a827862f06ebe4aad7c138006af6b42d19
SSDEEP

12288:gBc+XKix5v7kfucUZwB7C4gasz/ZxNOMfA33sUKpfcsFmcyouSKhK6udcKwvoH:gBQi3vQ4Z+7C4Uz/PXA33OpfPFmcyouO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ead5dc70f25dcd1d67017c6af36183bb_JaffaCakes118
unpack001/out.upx

Files

ead5dc70f25dcd1d67017c6af36183bb_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 324KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 537KB - Virtual size: 536KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 652KB - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.0MB

UPX1 Size: 324KB - Virtual size: 328KB

.rsrc Size: 344KB - Virtual size: 344KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 537KB - Virtual size: 536KB

.rdata Size: 91KB - Virtual size: 91KB

.data Size: 11KB - Virtual size: 28KB

.rsrc Size: 652KB - Virtual size: 651KB

.reloc Size: 29KB - Virtual size: 28KB

UPX0
Size: - Virtual size: 1.0MB

UPX1
Size: 324KB - Virtual size: 328KB

.rsrc
Size: 344KB - Virtual size: 344KB

.text
Size: 537KB - Virtual size: 536KB

.rdata
Size: 91KB - Virtual size: 91KB

.data
Size: 11KB - Virtual size: 28KB

.rsrc
Size: 652KB - Virtual size: 651KB

.reloc
Size: 29KB - Virtual size: 28KB