fdd316b66a41b4e04363c7d354109b10_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdd316b66a41b4e04363c7d354109b10_JaffaCakes118
Size

85KB
MD5

fdd316b66a41b4e04363c7d354109b10
SHA1

71f419a5e2c15694208858a836aa6d8554c3f10e
SHA256

5b70d42d1f19c06bbb2b5ef20f19c58b81c385b8391a721fc4422ef420561b91
SHA512

3a66af83b95d5c94b982e5eb5b9f2c7433b1294ad0f1db46e21bb009521744e732ed9d496bd0931a3cc9fae0f8f27cdb65f0552e4930cb3b0de331d817c1ac6a
SSDEEP

1536:GRc2ZSg+/SnCqEAHu62sqlaq4ocs43st9kzzxwGltTE8gKSdi+hUA68D78X:1Lg+SHX2M64Gkzz+QxE/Ri+Sy8

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
fdd316b66a41b4e04363c7d354109b10_JaffaCakes118
unpack001/out.upx

Files

fdd316b66a41b4e04363c7d354109b10_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ