ef933aeaa30de91bdee77c1645dd9db1_JaffaCakes118

General

Target

ef933aeaa30de91bdee77c1645dd9db1_JaffaCakes118
Size

48KB
MD5

ef933aeaa30de91bdee77c1645dd9db1
SHA1

0fdf7390d4032639a68bb3049de6018d300c41ec
SHA256

820d7eef157149ba119b18296c86476b5e7d30f11f1589a9ec5e7f5326c981dd
SHA512

e29ad84d7e29326547dca12241717e7920067b4a607b36b6f8985b99bc4088f52904b79668d0b407236ce24b5a5ed31be6f30974b40eda8cad6275da6fdbf040
SSDEEP

768:+EZoZnY7O8GWP56/JvXTtLtZ5T7rpo6DD3NU8K0Ngh2kofb:+7ZnP875aVXpLvhH/3NU8TNa2kofb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ef933aeaa30de91bdee77c1645dd9db1_JaffaCakes118
unpack001/out.upx

Files

ef933aeaa30de91bdee77c1645dd9db1_JaffaCakes118
.exe windows:9 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:9 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.arch
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 92KB

UPX1 Size: 34KB - Virtual size: 36KB

.rsrc Size: 12KB - Virtual size: 16KB

Headers

File Characteristics

Sections

.text Size: 39KB - Virtual size: 39KB

.arch Size: 512B - Virtual size: 7KB

.reloc Size: 512B - Virtual size: 7KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: - Virtual size: 5KB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 23KB - Virtual size: 24KB

.tls Size: 1024B - Virtual size: 7KB

.xdata Size: 1024B - Virtual size: 6KB

UPX0
Size: - Virtual size: 92KB

UPX1
Size: 34KB - Virtual size: 36KB

.rsrc
Size: 12KB - Virtual size: 16KB

.text
Size: 39KB - Virtual size: 39KB

.arch
Size: 512B - Virtual size: 7KB

.reloc
Size: 512B - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: - Virtual size: 5KB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 23KB - Virtual size: 24KB

.tls
Size: 1024B - Virtual size: 7KB

.xdata
Size: 1024B - Virtual size: 6KB