14209362f9cdad8c1a9ec7ffe486b565_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14209362f9cdad8c1a9ec7ffe486b565_JaffaCakes118
Size

5KB
MD5

14209362f9cdad8c1a9ec7ffe486b565
SHA1

0ed268282eb87c2b2e82ca44253f7c18682d00fd
SHA256

e5561a139c857b09cae8a9c4ddd40e81fb5c82f4a8d3a46867b2e3c7ed0da91f
SHA512

c220d83316b7bd2a54331aa755b4f49f8e0e053d979f172d2d80d85c1760abde97648a055587d25c6a6bf7ab8349ccc1ab7f5bf8ce8c52facf92bce87ee13b35
SSDEEP

96:XhYC1egB/JKujrIM0yeR1FSKwoX4Oigx0XGrK+XDP:XhBMiJ7jmFSPoIOxOElXj

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
14209362f9cdad8c1a9ec7ffe486b565_JaffaCakes118
unpack001/out.upx

Files

14209362f9cdad8c1a9ec7ffe486b565_JaffaCakes118
.exe windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE