1286f85ab1be47ea335d09ce8baa5f09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1286f85ab1be47ea335d09ce8baa5f09_JaffaCakes118
Size

80KB
MD5

1286f85ab1be47ea335d09ce8baa5f09
SHA1

3205937e0c6b7e120896fc62931aed73de2a2205
SHA256

a8450c5857f2924faa1507d622fe326d69c0121d77bbd9178e00083c413da7f5
SHA512

620b2cc631eae89fc589b4129a91fbfc3faa39fd60e1958f7c49bb908701295106a95ff110cf36753f4dd939a349c6d4e264a2af72bc1ef9a5a22cd49dea9336
SSDEEP

1536:l8k6tiv5U4r0q712j0EchN8Uwz0Rz9yy7fT3RGzaOlq26Z+OPLf:ln6mU4rHEjOhgzqF7fTkDR6ZHf

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
1286f85ab1be47ea335d09ce8baa5f09_JaffaCakes118
unpack001/out.upx

Files

1286f85ab1be47ea335d09ce8baa5f09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ