ffe2861ac33478107ae0a135e2d51ec4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffe2861ac33478107ae0a135e2d51ec4_JaffaCakes118
Size

68KB
MD5

ffe2861ac33478107ae0a135e2d51ec4
SHA1

4200713afd50f62abeb9aa696e9bb4929ce06a48
SHA256

579405a65cdd0d9b3f7af7321cfaa3485c63a6d38644b33920910d43dafbd049
SHA512

5cc95bdd82a84c9f3f0095d218b20085b5d9f64b06580661155e5c6ced3576d4e04fa5e1ebd5b14a6306fbe964979da33715ca512fc09c417b73556f5549b951
SSDEEP

1536:/O8gf+yEgD1H3E21Fu3tqyRavHI+KOBDD7poFafwTZd:GWQW21A37QEQtgZd

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
ffe2861ac33478107ae0a135e2d51ec4_JaffaCakes118
unpack001/out.upx

Files

ffe2861ac33478107ae0a135e2d51ec4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 436KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 328KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ