2f62f078fcb9a65ec8cc2089bc721338_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f62f078fcb9a65ec8cc2089bc721338_JaffaCakes118
Size

214KB
MD5

2f62f078fcb9a65ec8cc2089bc721338
SHA1

9cf0b5a62898361629fecaa4b3ce3bf03dcffc62
SHA256

66f4cecfe4d75c628ef2c4ff3fb89012a1b43921ab78788cb00f13e332f04b8a
SHA512

b6a89dd0b029b766bdfa010acf2d63d07d0361e2d5897b2ec54c6ea960d313054935b5dd9cb3d074a5e65deffef9a12eca3b02eb12d0babdd3d1cc7d5a0842e7
SSDEEP

3072:cO3Uua0caLN8Yyluv/E37Q70DtnqgTZX4Y8oiUJWPAWmmKVwTsIJI8+WjoijZb9z:czuT/6BO/uaWZ1oz8sikuPYyY1jf

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2f62f078fcb9a65ec8cc2089bc721338_JaffaCakes118
unpack001/out.upx

Files

2f62f078fcb9a65ec8cc2089bc721338_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 177KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ