14097bb7181f6b6b64bac1ba9bbefe31_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14097bb7181f6b6b64bac1ba9bbefe31_JaffaCakes118
Size

163KB
MD5

14097bb7181f6b6b64bac1ba9bbefe31
SHA1

d4074fc34163f7c1e38a2c3260350325e43a0dbf
SHA256

8bc366e3133129955ef533c37d1d13b5a13e293b65b7397272b53e02193b563f
SHA512

ea4468a97c9b712a25823bf2c9e12bf15852cc44c5df554037eb419869d3d44e4d4d8aabf1ff9f01968db3bd770e2595ecb8fd5adda1c9c99f9bca23b77368a1
SSDEEP

3072:6SEwwr8iw4VUewxlXJc/47MSBSjXwkcrz7/ajRQ5mTIYRhh0yakpxp+:EM4VKrJc/UUwkcrajRomTDXpP

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
14097bb7181f6b6b64bac1ba9bbefe31_JaffaCakes118
unpack001/out.upx

Files

14097bb7181f6b6b64bac1ba9bbefe31_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 220KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_MEM_READ