067743eb1218ec130e2a95f62d7ecc60_JaffaCakes118

General

Target

067743eb1218ec130e2a95f62d7ecc60_JaffaCakes118
Size

19KB
MD5

067743eb1218ec130e2a95f62d7ecc60
SHA1

7690d15de1f634d2e7652503d28aab1ea17ac6e5
SHA256

ce6c3aefd0185ee1db4eeb4713874ab874300274a658f58839063c2adac58657
SHA512

24d25fe3a98204a5117c689e0725783f3aaa8845bac17e125bc43ab6f842759dc9c4a7ff72762d21c813ce417353491e88c4a73daa6f214f86babad5cec236f1
SSDEEP

384:uH4IPYPLCFxIrJkmaywTgFD0Ma5kCgm6U/5UDvRX:E4gBFxICmaLgx0L5khLMAv

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
067743eb1218ec130e2a95f62d7ecc60_JaffaCakes118
unpack001/out.upx

Files

067743eb1218ec130e2a95f62d7ecc60_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RT_GetVersion
xCreateRemoteThread
xOpenThread
xVirtualAllocEx
xVirtualFreeEx

Sections

CODE
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 52KB

UPX1 Size: 17KB - Virtual size: 20KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 13KB - Virtual size: 16KB

DATA Size: 33KB - Virtual size: 36KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 52KB

UPX1
Size: 17KB - Virtual size: 20KB

UPX2
Size: 512B - Virtual size: 4KB

CODE
Size: 13KB - Virtual size: 16KB

DATA
Size: 33KB - Virtual size: 36KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB