03dcea74eddc4f252ccffb23b6ac6bf9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03dcea74eddc4f252ccffb23b6ac6bf9_JaffaCakes118
Size

765KB
MD5

03dcea74eddc4f252ccffb23b6ac6bf9
SHA1

03a228955cb41e12cfaccd772fc35f61fa0eb5d8
SHA256

eebdec70d7eb71a41c9bb6c9aadaa3363e7966c2970d63bf04184be72b315e3d
SHA512

4c855283dfea45e142368e16397fd07bac7e6f72a8cd0f404197287c080316ddd9a87bca24970c361c2b8f9d53ed3ea9a59069e6a7f4aeff54eb6758f8f22706
SSDEEP

12288:0dmW+QtblP8W/LRsfysjW0X0wUhsOKqXrDFEvGtcO6Lc+3nWXWrRFULNbgt1:a1j+fys6+YhB7t3+PrR+pb8

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03dcea74eddc4f252ccffb23b6ac6bf9_JaffaCakes118

Files

03dcea74eddc4f252ccffb23b6ac6bf9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 690KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE