44aedbf2d37d36610ead169458aed15a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44aedbf2d37d36610ead169458aed15a_JaffaCakes118
Size

926KB
MD5

44aedbf2d37d36610ead169458aed15a
SHA1

f21f68eaffdc913a33f481156352f35729194a95
SHA256

b05b5b2978db35cc3ade10ee420dcc2d1bd33b2c8875d8ab996e72688d8b4c8e
SHA512

0b499cfc2b167656d8d572795aaccdc1f1b5923661419fba236b8495190c6aae17f460b3542dbdc8f48832567a98d4854fa4873886edeaa9d735ab170ffc8358
SSDEEP

24576:aJTsTun0KUkLjy2qnAZ3YbsLTR7sbNQ5RF7yirj:caKhjy2qAl4WVUKRFWirj

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
44aedbf2d37d36610ead169458aed15a_JaffaCakes118
unpack001/out.upx

Files

44aedbf2d37d36610ead169458aed15a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 914KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ