26a688b65a331ad3ec05c9f8f3695854_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26a688b65a331ad3ec05c9f8f3695854_JaffaCakes118
Size

903KB
MD5

26a688b65a331ad3ec05c9f8f3695854
SHA1

9a5d8c75d11dca0928f08272ec358d9b6c375aa8
SHA256

109e513f7b16a8e1efa168f92e980a06cf21a893ebcfb65ffe140951025f1b44
SHA512

ce79c14f4e7bd8cad6aad68aeb7a6c2520a0445f061a3607ddab31118a417187ef7463bac3ee7699b93955942d9ed4d459e8c432395e90f52a0c76b5053a956a
SSDEEP

24576:BqEvyC/QACcyefpoXVMawq0815+QstRUK:B8YXVueq08rGt+K

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
static1/unpack001/XMP_NoAD_V1.4.exe	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XMP_NoAD_V1.4.exe
unpack002/out.upx

Files

26a688b65a331ad3ec05c9f8f3695854_JaffaCakes118
.7z
XMP_NoAD_V1.4.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1020KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 901KB - Virtual size: 904KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 520KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
logo.gif
.gif
所有小软件列表！.url
.url
说明.txt