f0bb31dba9088ead1b4db4db74f0eae0_JaffaCakes118

General

Target

f0bb31dba9088ead1b4db4db74f0eae0_JaffaCakes118
Size

76KB
MD5

f0bb31dba9088ead1b4db4db74f0eae0
SHA1

86eab0cb5ff7ab17dfafe71d590790d398bf4ca4
SHA256

06cec174b1d18d57f2cf48d64b44e5efdab1a9f72afb17ac5bcd7e516d4cb4e6
SHA512

712c899f80b6e29529d9558adda0536f2dc136c57427c7dcf1ecb25f7a1f4012cd1a56462bb126f90978def05699c1177ff0de67f37345801fe2530060b597ed
SSDEEP

1536:l8oywx7GX9tRcY2dwlF+vuTBKmAVGjZ2jb5PIjh+jtewbIzB5hO:lRyC49jcYUvuTNAgOb5PEh0tedB5h

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f0bb31dba9088ead1b4db4db74f0eae0_JaffaCakes118
unpack001/out.upx

Files

f0bb31dba9088ead1b4db4db74f0eae0_JaffaCakes118
.exe .ps1 windows:6 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.idata
Size: 512B - Virtual size: 639B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.arch
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 104KB

UPX1 Size: 74KB - Virtual size: 76KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.idata Size: 512B - Virtual size: 639B

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 142KB - Virtual size: 142KB

.reloc Size: 512B - Virtual size: 4KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 4KB

.arch Size: - Virtual size: 3KB

UPX0
Size: - Virtual size: 104KB

UPX1
Size: 74KB - Virtual size: 76KB

.rsrc
Size: 2KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 639B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 142KB - Virtual size: 142KB

.reloc
Size: 512B - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 4KB

.arch
Size: - Virtual size: 3KB