f1086d0d7d23f204a6523a77a3a02802_JaffaCakes118

General

Target

f1086d0d7d23f204a6523a77a3a02802_JaffaCakes118
Size

796KB
MD5

f1086d0d7d23f204a6523a77a3a02802
SHA1

3a179d40643ac649f3ba9e8425691a01a31123a0
SHA256

e5618833b0e36ef9a174663635d09ee8d8b40c96368ac345e164750073bae274
SHA512

551d72ac5f828c5f213ef9b5f3505ba915b951d57604a59b60251209ef719a264f775e98bd758b73104f5bcc4e97924dffa112fc8c0cd97f1d651d7ef20cdc32
SSDEEP

12288:lRM1ADTMYieGNOrrbWcsaUbZfJVNqNdmFJx6qjVB6RQbl8UjWYYjJ09slawUwu8F:lRM16IejyZfJqNdmhjVkil8MPY2sl2A

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/Vgm Rizky Febriansyah.dll	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/N3.exe
unpack001/Vgm Rizky Febriansyah.dll

Files

f1086d0d7d23f204a6523a77a3a02802_JaffaCakes118
.rar
N3.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Vgm Rizky Febriansyah.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 46KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 18KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 137KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 4KB - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

Sections

Size: 46KB - Virtual size: 116KB

Size: 18KB - Virtual size: 68KB

Size: 12KB - Virtual size: 56KB

.rsrc Size: 1024B - Virtual size: 4KB

Size: 5KB - Virtual size: 20KB

.data Size: 137KB - Virtual size: 360KB

.adata Size: - Virtual size: 4KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 4KB - Virtual size: 12B

.rsrc
Size: 1024B - Virtual size: 4KB

.data
Size: 137KB - Virtual size: 360KB

.adata
Size: - Virtual size: 4KB