0a54bfd88e466ff735fa5908b0e5efb0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a54bfd88e466ff735fa5908b0e5efb0_JaffaCakes118
Size

118KB
MD5

0a54bfd88e466ff735fa5908b0e5efb0
SHA1

fed6d4d6cfba6c726297221ed1218a21a139e2ab
SHA256

1199062d4c2ca0653567c02d12f51573261976d6ad8a4fd7b58801af7e9772ba
SHA512

63f1257e5da968aafa2a7a779246c9cab656d2112a2dd57f1e6c95b299385cd205c5735e02422372654ab36d1c072b11e65b4a842f8eb31ddc5e4b45401eff10
SSDEEP

3072:sBeCO+eZVViw+dcjBv6+FY9QcKmROxGmSc5yqj:s0CO+e/ZxjBvHFY9Qc/VmX

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0a54bfd88e466ff735fa5908b0e5efb0_JaffaCakes118
unpack001/out.upx

Files

0a54bfd88e466ff735fa5908b0e5efb0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 115KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 40KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fei0
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ