1252846744ed7f613fdd0f9770006e33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1252846744ed7f613fdd0f9770006e33_JaffaCakes118
Size

77KB
MD5

1252846744ed7f613fdd0f9770006e33
SHA1

63b1605254e36532ba6b2e9340b6eed9176cee35
SHA256

c6b99c519f54a63577ddf1e8db822605939175b92ce383cee2416bbd584562ce
SHA512

60ab0c2b40ece990dd2092e9f1cb029e8c473913beaa1a25efbf1d693e23fa15ba8c85d21376a30e52840bafb28d44043833d6684109a32ac37abb30e7ece268
SSDEEP

1536:Z0ouBG6AO8h0sBxvhKE0krlcheYNwNFnapvo/JvT0YbZHQSv//GWf:Z03kH0sJKE0e2eYWah+hblQU

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1252846744ed7f613fdd0f9770006e33_JaffaCakes118
unpack001/out.upx

Files

1252846744ed7f613fdd0f9770006e33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE