0675b69e5eba9378e70c51680aa6f78b_JaffaCakes118

General

Target

0675b69e5eba9378e70c51680aa6f78b_JaffaCakes118
Size

74KB
MD5

0675b69e5eba9378e70c51680aa6f78b
SHA1

8b00ba8bfde93658fa50bce2d1391b2101c401a9
SHA256

e2a641e15fff8b8460efe6221fa9016875531c6e167af1ffcd0c09e93ab582c3
SHA512

606973a4634e183a554902c7365ddd868906e7eceb3b588094681beb1fe6bfacc622aa0bc4124b838ce439f8d12726160f70f0aa952041a113ecb3455c268950
SSDEEP

1536:YpBjkKahIhT0N/NCHtSCSUChg2Xc8ENLDgYqWb0EFRqHlSolbJlw:YgHUe/NK7+C2s8EpDgnWbBFRUEob

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0675b69e5eba9378e70c51680aa6f78b_JaffaCakes118
unpack001/out.upx

Files

0675b69e5eba9378e70c51680aa6f78b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

RBbr
Size: - Virtual size: 164KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RBbr
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code4
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vcbbb
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code3
Size: 512B - Virtual size: 374B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

RBbr Size: - Virtual size: 164KB

RBbr Size: 73KB - Virtual size: 76KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 1KB - Virtual size: 1KB

.code4 Size: 512B - Virtual size: 145B

.code1 Size: 4KB - Virtual size: 4KB

.code2 Size: 3KB - Virtual size: 3KB

.vcbbb Size: 2KB - Virtual size: 1KB

.code3 Size: 512B - Virtual size: 374B

.rdata Size: 70KB - Virtual size: 69KB

.data Size: 1024B - Virtual size: 131KB

RBbr
Size: - Virtual size: 164KB

RBbr
Size: 73KB - Virtual size: 76KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 1KB - Virtual size: 1KB

.code4
Size: 512B - Virtual size: 145B

.code1
Size: 4KB - Virtual size: 4KB

.code2
Size: 3KB - Virtual size: 3KB

.vcbbb
Size: 2KB - Virtual size: 1KB

.code3
Size: 512B - Virtual size: 374B

.rdata
Size: 70KB - Virtual size: 69KB

.data
Size: 1024B - Virtual size: 131KB