ebdc226b16907302bdd0852b347359b9_JaffaCakes118

General

Target

ebdc226b16907302bdd0852b347359b9_JaffaCakes118
Size

414KB
MD5

ebdc226b16907302bdd0852b347359b9
SHA1

a1192417eac63e72f3199d8aefae81d559b30457
SHA256

4918884db3f557770d44a4a8f0c9a3009d36ecaf7283b228f064aa1ecf89b424
SHA512

dc93a2120ad0337e75c2849221899dd8fd0bc4d08855e310f5290cec4996a58f3e593fc4e7820518bd33ec08a3de3dc0399bdef2809735f2933cc9373bc3b42f
SSDEEP

6144:/I0lp4QrPuOug2JQNLd1GMwVKEqtius0I5T7G69043KYmMh4jxIR8hG6cpafmTi:A0luKPfug2JQWqUu8/hZdhMxHz0afai

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ebdc226b16907302bdd0852b347359b9_JaffaCakes118
unpack001/out.upx

Files

ebdc226b16907302bdd0852b347359b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 644KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 321KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 709KB - Virtual size: 708KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 644KB

UPX1 Size: 321KB - Virtual size: 324KB

.rsrc Size: 92KB - Virtual size: 116KB

Headers

File Characteristics

Sections

CODE Size: 709KB - Virtual size: 708KB

DATA Size: 15KB - Virtual size: 14KB

BSS Size: - Virtual size: 7KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 49KB - Virtual size: 49KB

.rsrc Size: 147KB - Virtual size: 147KB

UPX0
Size: - Virtual size: 644KB

UPX1
Size: 321KB - Virtual size: 324KB

.rsrc
Size: 92KB - Virtual size: 116KB

CODE
Size: 709KB - Virtual size: 708KB

DATA
Size: 15KB - Virtual size: 14KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 147KB - Virtual size: 147KB