2cc530ef3caf45dfb754ba06fc3df3ef_JaffaCakes118

General

Target

2cc530ef3caf45dfb754ba06fc3df3ef_JaffaCakes118
Size

263KB
MD5

2cc530ef3caf45dfb754ba06fc3df3ef
SHA1

1d8e4a0f4e0d39782c3412043a5f75a91f4dbfeb
SHA256

759a40fa6b711f201b3d8493d4a7fc7f328b1ef3dc518100376a48b7faa7d11a
SHA512

72fabe835d0b0816e5f670c9d45a575731d52e96668b1b687d3bb0cac3ddaa09444e777e12cd9924181dd8e654ac90c679923c6b7262d30bf51b6527e7787d7f
SSDEEP

6144:bTzCwKd7OVNnXJ8EUdT+GHg4hbtUcrgf/PXpyLeydTx+O:vzmdK7n58EOTLBtU5fo9xv

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2cc530ef3caf45dfb754ba06fc3df3ef_JaffaCakes118
unpack001/out.upx

Files

2cc530ef3caf45dfb754ba06fc3df3ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 246KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

DATA
Size: 34KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 120KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 304KB

UPX1 Size: 246KB - Virtual size: 248KB

.rsrc Size: 16KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Sections

DATA Size: 34KB - Virtual size: 121KB

.bss Size: 120KB - Virtual size: 185KB

.data Size: 140KB - Virtual size: 210KB

.text Size: 1KB - Virtual size: 1KB

.rsrc Size: 16KB - Virtual size: 15KB

UPX0
Size: - Virtual size: 304KB

UPX1
Size: 246KB - Virtual size: 248KB

.rsrc
Size: 16KB - Virtual size: 20KB

DATA
Size: 34KB - Virtual size: 121KB

.bss
Size: 120KB - Virtual size: 185KB

.data
Size: 140KB - Virtual size: 210KB

.text
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 16KB - Virtual size: 15KB