424b34140a864645b2b80d08cdd06ec2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

424b34140a864645b2b80d08cdd06ec2_JaffaCakes118
Size

1.8MB
MD5

424b34140a864645b2b80d08cdd06ec2
SHA1

b9ef2cfc9413fb1cc25fd55ea5512e38026a7f26
SHA256

b20f910738d66f84249fbb92e03e5cc99f6adc4a33be7d2b65a74d35f4594ee8
SHA512

a48e9349577f87c554654b7326975791f53d5f37f15435f1476b38dbf2dc908cb5c22da9d9b627514a94281eb559d4e9740692572941c7f80f14848d72adb4cd
SSDEEP

49152:A2/j6uGVM/LovOwniygSIzx59HtI2cgHh6MwJ:A2/jEkXwHgSIzxXHtbcgHhTwJ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
424b34140a864645b2b80d08cdd06ec2_JaffaCakes118
unpack001/out.upx

Files

424b34140a864645b2b80d08cdd06ec2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 492KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 986KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icon
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
out.upx
.exe windows:4 windows

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED

Sections

Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 712KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ