3c949561a94e16fba5bba8ca73039502_JaffaCakes118 | Triage

Sharing

General

Target

3c949561a94e16fba5bba8ca73039502_JaffaCakes118
Size

59KB
MD5

3c949561a94e16fba5bba8ca73039502
SHA1

5fb3fbe2678b7020345d774773134a3413586798
SHA256

e1adcc3532b2bdb57b8981f0eeba216363a0ae0cd5624ddeb7cc03b7df26999e
SHA512

ca289de693740e8d32eaf8a6e9e4f6a4342352cbb6c395b03b0ee3195ab91c78109bae23c21a3f5ddb71c2bd31d53b81897874c49b4492523d0e96b41f1c9546
SSDEEP

768:/FoWTi7VKJKT0OWs5TtWERYImI7YSNyPtGJiIf6hYyIGfMrSnshKubehypRl4TM0:NbT0QRs5TQxUGwf6bsr5Sh2Rl4h5z

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3c949561a94e16fba5bba8ca73039502_JaffaCakes118
unpack001/out.upx

Files

3c949561a94e16fba5bba8ca73039502_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ