5622ad7ef3b9a5fbe609b2087e85836f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5622ad7ef3b9a5fbe609b2087e85836f_JaffaCakes118
Size

73KB
MD5

5622ad7ef3b9a5fbe609b2087e85836f
SHA1

d503357d63655d6b9db2dca66f5ab84444fd06c3
SHA256

7ed1bccd12a58127259a0ec132b5bdbecfddd808e0f9605ada586c5cc8561fa0
SHA512

2338ab52e7932a5dd51bc37d8f714d398c77407315e208a0fc5e0c5cfbe310f749b20c1bbefee104d31a9f36876f33c464c7b40a59e5c013e34e01bcdc11b8b1
SSDEEP

1536:+sb6cZbxCEEYy68VQ+b0Vb3/gUxKvVP0P+RTJdlgCXI:+a1j12Q+bEb3/gUUvNNdlg

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5622ad7ef3b9a5fbe609b2087e85836f_JaffaCakes118
unpack001/out.upx

Files

5622ad7ef3b9a5fbe609b2087e85836f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ