0fd6b59d07dd14cc9f409acf159ed657_JaffaCakes118

General

Target

0fd6b59d07dd14cc9f409acf159ed657_JaffaCakes118
Size

617KB
MD5

0fd6b59d07dd14cc9f409acf159ed657
SHA1

4820a80e61e2e82c42922e227e7a92bc62240f21
SHA256

a1cfc89e208316115dd505d4ecaf16d15594488182058800d352a6122abe3bfa
SHA512

daa16016b903dcf739a7c563c87e517773e9288c03db373674607d6f0ffbb93929dd1b909074ac79e5e9718abacc46b760bfcc71e635579f03c315dff136a847
SSDEEP

12288:nDH10wGkhnjjWR3QXTdxvY7le3y7fK29oNpQDGjw5azpCORhGSdo:nDV7vyRgDdxvcmy79WpQS/W6o

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
0fd6b59d07dd14cc9f409acf159ed657_JaffaCakes118
unpack001/out.upx

Files

0fd6b59d07dd14cc9f409acf159ed657_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 956KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 486KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 612KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 956KB

UPX1 Size: 312KB - Virtual size: 316KB

.rsrc Size: 304KB - Virtual size: 304KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 486KB - Virtual size: 485KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 11KB - Virtual size: 27KB

.rsrc Size: 612KB - Virtual size: 612KB

.reloc Size: 25KB - Virtual size: 25KB

UPX0
Size: - Virtual size: 956KB

UPX1
Size: 312KB - Virtual size: 316KB

.rsrc
Size: 304KB - Virtual size: 304KB

.text
Size: 486KB - Virtual size: 485KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 11KB - Virtual size: 27KB

.rsrc
Size: 612KB - Virtual size: 612KB

.reloc
Size: 25KB - Virtual size: 25KB