fa92f673276a0e2f24e90246d8bc3733_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa92f673276a0e2f24e90246d8bc3733_JaffaCakes118
Size

63KB
MD5

fa92f673276a0e2f24e90246d8bc3733
SHA1

f4e65146542e0864e86f0a16c71e3e15c443fc48
SHA256

cb93f4d9f3a8bcfe87778e660159d5c7601157d360d4479c7d39d1f94a71cc4c
SHA512

8e968885808e45d154a42da0696431c5ce3630576273f058523e68b5b4349d8a680200a7aac4da977ce62a005f8d6e5c1cab87252f5ae859d73590ca74500cc7
SSDEEP

1536:dh6rxXrZbpn5GeXg9K5cmt0FJXotJZqMvNvdB2O:dQtpn5G6gZmYX6UqvOO

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/SJ.AVA.StandAlone.v8.0.14.German.Incl.Keymaker-ACME/SJ-AVA-Keygen.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SJ.AVA.StandAlone.v8.0.14.German.Incl.Keymaker-ACME/SJ-AVA-Keygen.exe
unpack002/out.upx

Files

fa92f673276a0e2f24e90246d8bc3733_JaffaCakes118
.zip
SJ.AVA.StandAlone.v8.0.14.German.Incl.Keymaker-ACME/SJ-AVA-Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SJ.AVA.StandAlone.v8.0.14.German.Incl.Keymaker-ACME/acme.nfo
SJ.AVA.StandAlone.v8.0.14.German.Incl.Keymaker-ACME/file_id.diz
keygen.nfo