26ea5c292053f55dfa17bca6f9aae2e7_JaffaCakes118

General

Target

26ea5c292053f55dfa17bca6f9aae2e7_JaffaCakes118
Size

205KB
MD5

26ea5c292053f55dfa17bca6f9aae2e7
SHA1

e7e99d6a4111d818ec23f72333be86619841b808
SHA256

a60832590a64b09e0431230d59f5e4ebfd2416c2ca30ffceb8a361dc9ea92068
SHA512

7650e1b05e60b7d00c5be8eb1f7103460be87cfc320aadf3c778216e99b6018b1ca12f03292665b6e5fbc17e5e72f94e8589431ca29e23f4c7e890f8ab65ba30
SSDEEP

6144:Vha6v1lDQ3j2cRHlsVMFsf9xA2nt/KtpwD3kQ5Cb:dq3jvE26f962to4kkC

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
26ea5c292053f55dfa17bca6f9aae2e7_JaffaCakes118
unpack001/out.upx

Files

26ea5c292053f55dfa17bca6f9aae2e7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 272KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 272KB

UPX1 Size: 203KB - Virtual size: 204KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 14KB - Virtual size: 13KB

DATA Size: 435KB - Virtual size: 434KB

BSS Size: - Virtual size: 9B

.idata Size: 1024B - Virtual size: 776B

.reloc Size: 512B - Virtual size: 252B

.rsrc Size: 1024B - Virtual size: 1024B

UPX0
Size: - Virtual size: 272KB

UPX1
Size: 203KB - Virtual size: 204KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 14KB - Virtual size: 13KB

DATA
Size: 435KB - Virtual size: 434KB

BSS
Size: - Virtual size: 9B

.idata
Size: 1024B - Virtual size: 776B

.reloc
Size: 512B - Virtual size: 252B

.rsrc
Size: 1024B - Virtual size: 1024B