fa435f777abdfbefcf53a1d68c684f32_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa435f777abdfbefcf53a1d68c684f32_JaffaCakes118
Size

106KB
MD5

fa435f777abdfbefcf53a1d68c684f32
SHA1

07434a8fa1478e8c9f3a846cf49bf0bf32e62a4f
SHA256

1c8552410962f461a4e560582f6f5647e8391cc07b1c820df179be90027f0211
SHA512

2affded2158885bfa48db1188ca37fcb4bd618d5ea66cdd8953da7a4f2044e802837113c66d2b5bd15f242c121af3da44ace4deee31df890f02ee5cc97e91cb1
SSDEEP

1536:4eTlFVkitCOTgX5PwF+RRhk0Fjn19sruPOazRyAEJ/V9XbE6BaubFXjASDdQWJfh:VfVGxpo8RTl1aruQA+tFgubFUSDGsp

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
fa435f777abdfbefcf53a1d68c684f32_JaffaCakes118
unpack001/out.upx

Files

fa435f777abdfbefcf53a1d68c684f32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ