2723de99425b931cdc2ddf17d77bd5e5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2723de99425b931cdc2ddf17d77bd5e5_JaffaCakes118
Size

326KB
MD5

2723de99425b931cdc2ddf17d77bd5e5
SHA1

90fbd9bc3d0436d878a4d2665ebd3a36f1c57249
SHA256

c0a912e496e9207c5b73efb8e6b4c0c5932551e361577c935b9e153932e1d707
SHA512

917f76efd8e8e389e40c2bbe63fe0aaf7dd93864b6d06ff9556a39efba710c80c4ccd97b4214eb52a017e75683f28a9e432e6f0a38711bd471f0f87bc8e3e637
SSDEEP

3072:Sea+gRr7FctRGaYbplqvlE2w2fC/JH8sTwtlLtygRPIk2WWFEc+iens60xT7OA6M:98RytRG/bG7McGwtdt/NI1+ieNQTqAoG

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2723de99425b931cdc2ddf17d77bd5e5_JaffaCakes118
unpack001/out.upx

Files

2723de99425b931cdc2ddf17d77bd5e5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 332KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 306KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ