119428b3ca1ba5705e92a8700439cdd6_JaffaCakes118 | Triage

Sharing

General

Target

119428b3ca1ba5705e92a8700439cdd6_JaffaCakes118
Size

12KB
MD5

119428b3ca1ba5705e92a8700439cdd6
SHA1

b35ebbc2b34e17c0f447f7f03c28fa47e0cbacea
SHA256

e473a6dc4bb8ec1cfb3bb8d5683cefa4dc8cffe57d272702ff6fbd38efb2a7d1
SHA512

2e32cc659d3bdf0281c007c5c938b36db09830358828328c2367e80e0093bf69d85d29beba8fe8980fbd142196911b0274eb8a885d77963fd212b3f6d00eb6b5
SSDEEP

192:Rq6xgWEd5aDJYVeO9BzQopiwZ7Rn9ufkmoERQjTJSwhm:oYk/VXxNpiwnnwfkYREkwh

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
119428b3ca1ba5705e92a8700439cdd6_JaffaCakes118

Files

119428b3ca1ba5705e92a8700439cdd6_JaffaCakes118
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.1st
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE