fa1379dc6c5641e60e8a0c696ecb2bff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa1379dc6c5641e60e8a0c696ecb2bff_JaffaCakes118
Size

83KB
MD5

fa1379dc6c5641e60e8a0c696ecb2bff
SHA1

5d3a51249f0a5928cd09f988fd22ac3974b507b2
SHA256

d2cdfd9378cb8e88916bfa8a9406a173ba464a255e1c556378ff4c5516bdb2e5
SHA512

7e879cddacf4a2d1b0d7ba4db078af7acde7bb3329a2f6eada757725fbe668e142e608d59318c486770ffff9a01fcb0f39bae9712b6903b7cb4fb71848e56d38
SSDEEP

1536:sNiA71Ztf87hf2AVNdyTJib6v+UW24arkf1JX6vkTpoU5ksze:shBEsAVNdyYLUnXIX6cTpl5m

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
fa1379dc6c5641e60e8a0c696ecb2bff_JaffaCakes118
unpack001/out.upx

Files

fa1379dc6c5641e60e8a0c696ecb2bff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ