2885432649e0b2b17a16202920da762a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2885432649e0b2b17a16202920da762a_JaffaCakes118
Size

15KB
MD5

2885432649e0b2b17a16202920da762a
SHA1

21a765ee810cc64ad16185a98f33a741e7be61b4
SHA256

0e32d6e5708eddaee3e9b6eeec141cae6583c6770e197982c204cc93299cf068
SHA512

010b588c1b93e26688b55b9275bb6cea2dd36b4e212218e7cea0915d5981f05cae44b25362d6da2f61733401170afc36fe7ae0dafeead2f4045fc876660a6e94
SSDEEP

384:NeZwrTs4Ih+L3OFl2dmJUYJK+HiduEL1i+QUsgoB+2rNllA:sZwr6hM36iYJod34jrgoBTrNlq

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2885432649e0b2b17a16202920da762a_JaffaCakes118
unpack001/out.upx

Files

2885432649e0b2b17a16202920da762a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE