2e6fd1e4606f1126bd46a7a544f23aaa_JaffaCakes118

General

Target

2e6fd1e4606f1126bd46a7a544f23aaa_JaffaCakes118
Size

182KB
MD5

2e6fd1e4606f1126bd46a7a544f23aaa
SHA1

372d615de79406262b2f5da602aaf458e7806d77
SHA256

70b49e05d8a7af09e71bf3e9d277c5a9bd8e156fe52ce5ae971e12b6a60168be
SHA512

f8142c85d144e9db71a7fb874c9f6e25241037f201c70e5694cf8bfb31ca8f118b8da32b806778aea273755cd2dd3eac8aaadd93fb6d8d3553bd6258530fb7fb
SSDEEP

3072:rVyiWt36E8zDDo5y8vfx+g32kI7kd61ivwTHT27O717MuIEjue:9WZqE5pfx+gdIHivwTHTbN

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2e6fd1e4606f1126bd46a7a544f23aaa_JaffaCakes118
unpack001/out.upx

Files

2e6fd1e4606f1126bd46a7a544f23aaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 180KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 204KB

UPX1 Size: 180KB - Virtual size: 184KB

.rsrc Size: 1024B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 19KB - Virtual size: 18KB

DATA Size: 337KB - Virtual size: 337KB

BSS Size: - Virtual size: 9B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 320B

.rsrc Size: 1024B - Virtual size: 1024B

UPX0
Size: - Virtual size: 204KB

UPX1
Size: 180KB - Virtual size: 184KB

.rsrc
Size: 1024B - Virtual size: 4KB

CODE
Size: 19KB - Virtual size: 18KB

DATA
Size: 337KB - Virtual size: 337KB

BSS
Size: - Virtual size: 9B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 320B

.rsrc
Size: 1024B - Virtual size: 1024B