f021664418eb0fca5704f375d032a280_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f021664418eb0fca5704f375d032a280_JaffaCakes118
Size

105KB
MD5

f021664418eb0fca5704f375d032a280
SHA1

986f2db281e6da8dd576f37aad5d3e1dcec7db83
SHA256

5940b994efa53b42f813bb363fdecb0fc602cb3adece1ebb5a72028f5703c98e
SHA512

a7e994a4a7ddb9a774115ffd01792b16f87bd9d45fec0d91a07602a6460202c3a44f09024449aae7ce0d7c0c9a8ab82acd195820b187f40491fd9beae262a4c2
SSDEEP

1536:CaoRPMXkx05cfIFqzUk86y2McmKAuY6RyP614Ze5kgvVRa6b25Df0r:CNWkZIOrFXOuLL6e5kgja6i5Mr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f021664418eb0fca5704f375d032a280_JaffaCakes118
unpack001/out.upx

Files

f021664418eb0fca5704f375d032a280_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 58KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ