020b0aced42c0de5487eb77629767922_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

020b0aced42c0de5487eb77629767922_JaffaCakes118
Size

13KB
MD5

020b0aced42c0de5487eb77629767922
SHA1

b9324f9b13094197e3bd523a186a705d90abf0c7
SHA256

f32a574bc306feb671a0aa1b61367a1b2803e14430a7a1e34ede648fa2085d66
SHA512

98361800ff881212fc4d7693374f297e82c1457267f1bc874aeaa2679a5dff2e6ae26dc0ccddf8bfb7015f4d1cc5ba234e5e38c1ea69d6b444ade7c4bc0c4dab
SSDEEP

192:0qq23fFOZxOoW3LIzWdrtZHqUKZqSXrnV0/Z2W5pmAopHE4pTUlSPRD3VGLVb3j:RswbIzsZKUKZfnVYEWivpHJQSPR+V/

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
020b0aced42c0de5487eb77629767922_JaffaCakes118
unpack001/out.upx

Files

020b0aced42c0de5487eb77629767922_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ