058769d9ffbf018de3f3a936351b563b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

058769d9ffbf018de3f3a936351b563b_JaffaCakes118
Size

47KB
MD5

058769d9ffbf018de3f3a936351b563b
SHA1

31736e163dbeb61194faf9862a64ca14bb958a4c
SHA256

6b49e442a839553c8c5ddc203d605865af88ffd8d413e01c6615d00375bf7115
SHA512

befa00e70686ec36a8a7e3143a04febdfee98c7a0e50f4e01d8daa24db3d02fd2c51f7915073e4298c29d9ee29af935f7d528d1a6efba033bc887c707341fad5
SSDEEP

768:/174XD8EQ9KDb+rDYeHG8l6ktUSsDNXdidP3EDQNNPNUnWKM+W6EGh3rEa:/bEeGC3YeLtw1d+0ANUWhHFAIa

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
058769d9ffbf018de3f3a936351b563b_JaffaCakes118
unpack001/out.upx

Files

058769d9ffbf018de3f3a936351b563b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ