045e60bd3b9877774c6d3c3019fcda67_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

045e60bd3b9877774c6d3c3019fcda67_JaffaCakes118
Size

18KB
MD5

045e60bd3b9877774c6d3c3019fcda67
SHA1

edb5b3a6d5056339a26734e3d89b22ae2a8da676
SHA256

da5c6300f26ec9cef5cd2831d25207fe69aeb012966db85982d079e028e3a1dd
SHA512

509c888d3f2740b1c8468ae333b64d4f220f873adcfd772e91078e64f1b7df13486e802f4ffdd5705e135c18136696891ec0ae019a6c508b6afa2ef2100e8276
SSDEEP

384:2+B5/rsF76kBHPS2oXDV+GL7tkC1a5mElAiL2m/1rXTHd:NYF7zHa2op+GXtp4BAiz95

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
045e60bd3b9877774c6d3c3019fcda67_JaffaCakes118
unpack001/out.upx

Files

045e60bd3b9877774c6d3c3019fcda67_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rdata
Size: 4KB - Virtual size: 890B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ