38d6cf4462d14de58d6af96c2fa60e4f_JaffaCakes118

General

Target

38d6cf4462d14de58d6af96c2fa60e4f_JaffaCakes118
Size

273KB
MD5

38d6cf4462d14de58d6af96c2fa60e4f
SHA1

b38cd510fd4a98681c0ae421e66518f87b08cc54
SHA256

12ec2879b7de993bf9e94ef730afbdaae394ead1bec85ee4b52cd718e672ef88
SHA512

647df275f6fb46fec6be244e72fff1d9ef12a7bec1431f54e9c8d8694882b8980e7fec0fb0c663890e9d8c83213a82668ee03f5e51dd4ecb8fa790e90674dc65
SSDEEP

6144:PbwHEDBR61SiQcf/ZKVOPhP+nPD3LkWIt:PbUE6bfhyOZ+nPjLQ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
38d6cf4462d14de58d6af96c2fa60e4f_JaffaCakes118
unpack001/out.upx

Files

38d6cf4462d14de58d6af96c2fa60e4f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 252KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 256KB - Virtual size: 256KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_DATA
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 312KB

UPX1 Size: 252KB - Virtual size: 252KB

.rsrc Size: 20KB - Virtual size: 20KB

Headers

DLL Characteristics

File Characteristics

Sections

.code Size: 256KB - Virtual size: 256KB

DATA Size: 1024B - Virtual size: 1000B

BSS Size: 512B - Virtual size: 484B

RT_DATA Size: 1024B - Virtual size: 998B

.CRT Size: 512B - Virtual size: 257KB

.rsrc Size: 19KB - Virtual size: 19KB

UPX0
Size: - Virtual size: 312KB

UPX1
Size: 252KB - Virtual size: 252KB

.rsrc
Size: 20KB - Virtual size: 20KB

.code
Size: 256KB - Virtual size: 256KB

DATA
Size: 1024B - Virtual size: 1000B

BSS
Size: 512B - Virtual size: 484B

RT_DATA
Size: 1024B - Virtual size: 998B

.CRT
Size: 512B - Virtual size: 257KB

.rsrc
Size: 19KB - Virtual size: 19KB