058e4ef8cc2b98f989fb7296d03caccd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

058e4ef8cc2b98f989fb7296d03caccd_JaffaCakes118
Size

45KB
MD5

058e4ef8cc2b98f989fb7296d03caccd
SHA1

cdf0d6b43f12773584a34cec30a722757d0c0df8
SHA256

8138e55b9d71fe45d62a1e053d8f3cf8abe2e22648d07b277b0b1289b3c20307
SHA512

9c9fe385aafe068009853d1838cd6ed630da5af944c0e3bfb94514d91a205aee7d37f8fe31838545f8fc68a9d2e51a736450a4ba35818ab7f623b96cc5742933
SSDEEP

768:hL0kTHAYeoe6vGnxApzAX1zK5uysBT9Jck1LZa9QwTd4XHGj/ktCe:h3TgYhGxKWysd9Jckdy1j/0Ce

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
058e4ef8cc2b98f989fb7296d03caccd_JaffaCakes118
unpack001/out.upx

Files

058e4ef8cc2b98f989fb7296d03caccd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 100KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ