ef2e7dae3218c01d1eb6d603cc5d177a_JaffaCakes118

General

Target

ef2e7dae3218c01d1eb6d603cc5d177a_JaffaCakes118
Size

488KB
MD5

ef2e7dae3218c01d1eb6d603cc5d177a
SHA1

d5915edcddddf2f08e2cb8db74215fc317dc426f
SHA256

88c663e1e0a1e44a60c6b0132a01a98bb957690e71592d2131f66743ed2f02cc
SHA512

b17f365549f1180127be0d897af92ef1bd987816e0ca59870ae177879586ec78e7cee1b24b3622c101f79e1e39266a1b0cd3d62a8cd5303ec86268895be9ca04
SSDEEP

6144:Awx/iUGgA391a4gVHoE9AMQ5zin6UkGe+cnrUOEABtvTjvOCWzwCF9Uvn/jV7Q0X:AwRihjab+k25t+aH7BhjOl5F9U5Uwvv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ef2e7dae3218c01d1eb6d603cc5d177a_JaffaCakes118
unpack001/out.upx

Files

ef2e7dae3218c01d1eb6d603cc5d177a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 376KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 418KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.edata
Size: 150KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 203KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 45KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 71KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BSS
Size: 36KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 376KB

UPX1 Size: 418KB - Virtual size: 420KB

.rsrc Size: 69KB - Virtual size: 72KB

Headers

DLL Characteristics

File Characteristics

Sections

.edata Size: 150KB - Virtual size: 214KB

INIT Size: 203KB - Virtual size: 209KB

INIT Size: 45KB - Virtual size: 49KB

INIT Size: 71KB - Virtual size: 129KB

BSS Size: 36KB - Virtual size: 91KB

.text Size: 6KB - Virtual size: 5KB

.rsrc Size: 69KB - Virtual size: 68KB

.reloc Size: 1024B - Virtual size: 32B

UPX0
Size: - Virtual size: 376KB

UPX1
Size: 418KB - Virtual size: 420KB

.rsrc
Size: 69KB - Virtual size: 72KB

.edata
Size: 150KB - Virtual size: 214KB

INIT
Size: 203KB - Virtual size: 209KB

INIT
Size: 45KB - Virtual size: 49KB

INIT
Size: 71KB - Virtual size: 129KB

BSS
Size: 36KB - Virtual size: 91KB

.text
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 69KB - Virtual size: 68KB

.reloc
Size: 1024B - Virtual size: 32B