06f6f70c1d9947df4285c0c8ee0ff887_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06f6f70c1d9947df4285c0c8ee0ff887_JaffaCakes118
Size

82KB
MD5

06f6f70c1d9947df4285c0c8ee0ff887
SHA1

f9e209108e1bb9b4f9488cc638c3d0f8b9b1641b
SHA256

7155900f74b80f977303f8ef545cb3a0c1e2d16814c146da1b17d2c45cd9c470
SHA512

031c6cef1bc3901874b21f19f4359be1f8236f7abdf10795a06ce20288f03177a5c5d545aaf56e14bea65b0c8a224f44cff1d007d6516828882286e6188d4ab2
SSDEEP

1536:uNOy0/Kh6hjxhfZSRy9mBU08we+xjB2oNTnbZAY2cDrmMEG:t9vSRQQeAIoZnb/CG

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
06f6f70c1d9947df4285c0c8ee0ff887_JaffaCakes118
unpack001/out.upx

Files

06f6f70c1d9947df4285c0c8ee0ff887_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ