ec03d7189d09de226d4cfcca7a116e60_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec03d7189d09de226d4cfcca7a116e60_JaffaCakes118
Size

13KB
MD5

ec03d7189d09de226d4cfcca7a116e60
SHA1

723bb9e185a17575104da5646c47414efb305d5c
SHA256

c2fcbb3e15097d2b4a75a54834a63f52cd6be237e5c51ce9a2c59cc838278c60
SHA512

32e64eca9f9982e7eaa0e221cd4ded15e21c3cbfec9cc9174845e63bca0eb6ce9736314dc507da35002d80f960d1aa0071092b83118929c0daee6889c6b08a6b
SSDEEP

384:9y7cilWg0h7FNfylG0YkM4tas8yTtnQVTVikXRna:96ciE/nmVaN2tnQlk+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ec03d7189d09de226d4cfcca7a116e60_JaffaCakes118
unpack001/out.upx

Files

ec03d7189d09de226d4cfcca7a116e60_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ