3b3b8e9a086b8a5c5a10c99463204bee_JaffaCakes118

General

Target

3b3b8e9a086b8a5c5a10c99463204bee_JaffaCakes118
Size

20KB
MD5

3b3b8e9a086b8a5c5a10c99463204bee
SHA1

3ae3cc31b5a076128eefeb94e128101899ff3359
SHA256

ca61557f92f21e978f9f952af6838c4d746a911125edc753581e2126dbd28b14
SHA512

f7fe6ed9aabea933c7c733b4a0ca87cacdfeacf1c3274eb79f01ae3c6e7732fe81b1949a77e1ad246c96819484d50edb0b463e4536881353b477b0bc8fa3c5ca
SSDEEP

384:8e5ro50wF8voTyUWwUrcy1wzQ6ybVcRPLMt:88y0zoTyU9lP6c5Q

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
3b3b8e9a086b8a5c5a10c99463204bee_JaffaCakes118
unpack001/out.upx

Files

3b3b8e9a086b8a5c5a10c99463204bee_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 48KB

UPX1 Size: 8KB - Virtual size: 12KB

.rsrc Size: 11KB - Virtual size: 12KB

Headers

File Characteristics

Sections

CODE Size: 11KB - Virtual size: 11KB

DATA Size: 512B - Virtual size: 196B

BSS Size: - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 1024B - Virtual size: 880B

.rsrc Size: 11KB - Virtual size: 11KB

UPX0
Size: - Virtual size: 48KB

UPX1
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 11KB - Virtual size: 12KB

CODE
Size: 11KB - Virtual size: 11KB

DATA
Size: 512B - Virtual size: 196B

BSS
Size: - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 1024B - Virtual size: 880B

.rsrc
Size: 11KB - Virtual size: 11KB