163e1dfec61e7fd7f32b89c84c136a99_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

163e1dfec61e7fd7f32b89c84c136a99_JaffaCakes118
Size

436KB
MD5

163e1dfec61e7fd7f32b89c84c136a99
SHA1

7d4730f67a85bbaebcfd9afc9410ba3407ca3ff3
SHA256

f5a713a64cb09c8f99c1d8d0e02661a6f659b401ff62415a68af579071525b5f
SHA512

5601706317031a999ac66d57be1939470c2fcd9fa1b0dde62efadb4a5678a5153b6a67c827a37693147fde341a961c013155beaa3d92920a18fc6346797777a2
SSDEEP

6144:XR+wPbl/QgifjnW8c6LVp0tQLVSkU6oIq1bHVBT/M9VDhFqbSqcvqy:X0wPbl/QgEGpOLIkoHTDuVFq/cv

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
163e1dfec61e7fd7f32b89c84c136a99_JaffaCakes118

Files

163e1dfec61e7fd7f32b89c84c136a99_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.FSG
Size: 379KB - Virtual size: 378KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shit
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.telockn
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX0
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.peshit
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.telockn
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shrink
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE