288e64a3189ec40ee1fd52eb9c0fcaf8_JaffaCakes118

General

Target

288e64a3189ec40ee1fd52eb9c0fcaf8_JaffaCakes118
Size

157KB
MD5

288e64a3189ec40ee1fd52eb9c0fcaf8
SHA1

65d9f174cd23d1a77611d78e8c681203cb88bf87
SHA256

b99380dce99a46a62ab6db31975fa97465a3198438a06234ad2d42d76beb4c85
SHA512

30c94e716b291d53612f424f3f40ec7ea821d12fade0b65e4c50c0276f9216d4f0d64024e7f6e0ba74d93ca276f485ec46434452bbf63d2c161defe7e23f27df
SSDEEP

3072:xF5hB8DYf766h/WRMMiboTpEteETgCNcSYwWWD:xP3hZ8xueEtP0icSTFD

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
288e64a3189ec40ee1fd52eb9c0fcaf8_JaffaCakes118
unpack001/out.upx

Files

288e64a3189ec40ee1fd52eb9c0fcaf8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 57B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 96KB

UPX1 Size: 155KB - Virtual size: 156KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 12KB - Virtual size: 11KB

DATA Size: 215KB - Virtual size: 214KB

BSS Size: - Virtual size: 57B

.idata Size: 1024B - Virtual size: 750B

.reloc Size: 512B - Virtual size: 276B

.rsrc Size: 1024B - Virtual size: 1024B

UPX0
Size: - Virtual size: 96KB

UPX1
Size: 155KB - Virtual size: 156KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 12KB - Virtual size: 11KB

DATA
Size: 215KB - Virtual size: 214KB

BSS
Size: - Virtual size: 57B

.idata
Size: 1024B - Virtual size: 750B

.reloc
Size: 512B - Virtual size: 276B

.rsrc
Size: 1024B - Virtual size: 1024B