eb31fc881712d0e371ae0277adb1ba75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eb31fc881712d0e371ae0277adb1ba75_JaffaCakes118
Size

44KB
MD5

eb31fc881712d0e371ae0277adb1ba75
SHA1

3837595a96a76e28a628b652a609486659de010f
SHA256

cf7aceecfe44288f7dac0e2f5ceafa0ffa9ea20c07be60ee9fe089fa1338c5a8
SHA512

fedf2a0d9c2a77eaa9b0523a8efc09f692bafb41684cbc220313bf85d4a51e348cbdabef71d970f1c109ca3591de0be6ef367dd8e7c1d337a01da3aea277664e
SSDEEP

768:cLcQtBNYxlt5PxVjM/WOo7Rt0ebZVv+eYJU1l+3Ad36l6:codLTP5/H3g

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
eb31fc881712d0e371ae0277adb1ba75_JaffaCakes118
unpack001/out.upx

Files

eb31fc881712d0e371ae0277adb1ba75_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 140KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rahowfq
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xpeq
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xvnd
Size: 4KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jmikfhi
Size: 512B - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lkvxlf
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 140KB

UPX1 Size: 40KB - Virtual size: 40KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.rahowfq Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.xpeq Size: 2KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.xvnd Size: 4KB - Virtual size: 61KB

.rsrc Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.jmikfhi Size: 512B - Virtual size: 13B

.lkvxlf Size: 512B - Virtual size: 16B

.rsrc Size: 59KB - Virtual size: 60KB

UPX0
Size: - Virtual size: 140KB

UPX1
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 3KB - Virtual size: 4KB

.rahowfq
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.xpeq
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.xvnd
Size: 4KB - Virtual size: 61KB

.rsrc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.jmikfhi
Size: 512B - Virtual size: 13B

.lkvxlf
Size: 512B - Virtual size: 16B

.rsrc
Size: 59KB - Virtual size: 60KB