f58f5380dcec201c0131bb4d462fc1a1_JaffaCakes118 | Triage

Sharing

General

Target

f58f5380dcec201c0131bb4d462fc1a1_JaffaCakes118
Size

82KB
MD5

f58f5380dcec201c0131bb4d462fc1a1
SHA1

fc469470a75c43e0ee9d45be307a89b181e3c620
SHA256

d26e2b094e98bafb67cdfa12171427ab874e04816a86fe83e6b9c152fd5dc26d
SHA512

60a5901391ecd6f8854b3beb16b6c428f577b3c502c67a7e024eb6205dcc7a9684e3967cfe03ecfdca6cbbea081850dd82f04e2fc1f7b83cb2159aec16567b31
SSDEEP

1536:fUYdKdTEdWFIRxbua6w7/7nxFUSuN6ZCjnKMiFZux:d0S1Dtv7znkjPiFZux

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f58f5380dcec201c0131bb4d462fc1a1_JaffaCakes118
unpack001/out.upx

Files

f58f5380dcec201c0131bb4d462fc1a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1012KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1024KB - Virtual size: 1023KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ