f319aad8a016f766c14e0313c029d0df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f319aad8a016f766c14e0313c029d0df_JaffaCakes118
Size

356KB
MD5

f319aad8a016f766c14e0313c029d0df
SHA1

19d9d999252ec2ae224589dfe182d8eca50abb88
SHA256

2669df886c567be7068272a6989a9019ec1cd8385fa2a18c63feb404f0b11901
SHA512

145862b344bc5dc576f7fb56a8736e080c1d10fffabb97540ff3d7274ae02603ad0a84e5de41acdcb8265942de40ae84734e36a1afe45968fd48043fd949e777
SSDEEP

6144:VradL/C9nDnBVkXAlz8xPcaAHqoW+ovew9t4obUw5HkolIGlfRCjd60yB1ojbwoB:VuhUnL8a4ReHnbU3lnHkolFRCZ60Q1ov

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/330624629/InExcel.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/330624629/InExcel.exe

Files

f319aad8a016f766c14e0313c029d0df_JaffaCakes118
.rar
330624629/Excel.dcu
330624629/Excel.ddp
330624629/Excel.dfm
330624629/Excel.mdb
330624629/Excel.pas
330624629/Excel.~ddp
330624629/Excel.~dfm
330624629/Excel.~pas
330624629/InExcel.cfg
330624629/InExcel.dof
330624629/InExcel.dpr
330624629/InExcel.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 273KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
330624629/InExcel.res
330624629/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 273KB - Virtual size: 704KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 52KB

.rsrc Size: 13KB - Virtual size: 40KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 273KB - Virtual size: 704KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 52KB

.rsrc
Size: 13KB - Virtual size: 40KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB