ee8f06dce801ac1c69c9d33b7281c895_JaffaCakes118

General

Target

ee8f06dce801ac1c69c9d33b7281c895_JaffaCakes118
Size

150KB
MD5

ee8f06dce801ac1c69c9d33b7281c895
SHA1

8d75925ba8748d3b2c44f49e3a633531a6066f26
SHA256

6d3bb1805b03dc36fb3d0a99c26d4c90987bdc588fafc462b8a2e5e38d0efa63
SHA512

e0218f0973fdbf701b4b66bd93fa85eed9101c21fa3083d0800bd9c8f8ed79876387457c0936157bffc1937e836d923cc31cd9d4c8b1f04d1f8659482f2e23da
SSDEEP

3072:Odyz7JOZZYgMtUCv3y7XNm8mjlUoLtcFuka19wDEmPcnK1qA9f:EyzVOfYgMuCv3Ug82lUwivr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ee8f06dce801ac1c69c9d33b7281c895_JaffaCakes118
unpack001/out.upx

Files

ee8f06dce801ac1c69c9d33b7281c895_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.katsrrv
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ffre
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.cylednh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydsb
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dxort
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wmxb
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hmlmrei
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 68KB

UPX1 Size: 133KB - Virtual size: 136KB

.rsrc Size: 16KB - Virtual size: 16KB

Headers

File Characteristics

Sections

.katsrrv Size: 512B - Virtual size: 4KB

.ffre Size: 82KB - Virtual size: 82KB

.cylednh Size: 512B - Virtual size: 4KB

.ydsb Size: 1024B - Virtual size: 918B

.dxort Size: 512B - Virtual size: 4KB

.wmxb Size: 75KB - Virtual size: 75KB

.hmlmrei Size: 15KB - Virtual size: 15KB

UPX0
Size: - Virtual size: 68KB

UPX1
Size: 133KB - Virtual size: 136KB

.rsrc
Size: 16KB - Virtual size: 16KB

.katsrrv
Size: 512B - Virtual size: 4KB

.ffre
Size: 82KB - Virtual size: 82KB

.cylednh
Size: 512B - Virtual size: 4KB

.ydsb
Size: 1024B - Virtual size: 918B

.dxort
Size: 512B - Virtual size: 4KB

.wmxb
Size: 75KB - Virtual size: 75KB

.hmlmrei
Size: 15KB - Virtual size: 15KB