f578eaffedf6d7a5c08a5a6aeb550a9a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f578eaffedf6d7a5c08a5a6aeb550a9a_JaffaCakes118
Size

5.6MB
MD5

f578eaffedf6d7a5c08a5a6aeb550a9a
SHA1

ad61c0cf7bea28b54917bfc16c01f417b2161ca7
SHA256

ef72d0348b9949f233aabf6e1076d7413c7bae287a985403acf0de238cf7b7bd
SHA512

21e585e8d73877589b1e4ea932a271363f1c2d8317f6cf201e6b5190e499caf5a7d697e6b716822b26351f4d5c22f46877ad2a52b3eba1fbc150f3af48d34635
SSDEEP

98304:LKIsh8uusL3hHcbL4pZEXN5Omn0XXl0ds0iXlpMepQD4gjXIkD8yEybFOItB6mwE:LK0uLFHcbSZ2N2XXlBlpPq4uDPEybFOe

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/fczh2011-beta3.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fczh2011-beta3.exe

Files

f578eaffedf6d7a5c08a5a6aeb550a9a_JaffaCakes118
.rar
fczh2011-beta3.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 341KB - Virtual size: 900KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.2MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 202KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 341KB - Virtual size: 900KB

.itext Size: 2KB - Virtual size: 4KB

.data Size: 17KB - Virtual size: 36KB

.bss Size: - Virtual size: 28KB

.idata Size: 4KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 64KB

.rsrc Size: 5.2MB - Virtual size: 5.6MB

.aspack Size: 202KB - Virtual size: 204KB

.adata Size: - Virtual size: 4KB

.text
Size: 341KB - Virtual size: 900KB

.itext
Size: 2KB - Virtual size: 4KB

.data
Size: 17KB - Virtual size: 36KB

.bss
Size: - Virtual size: 28KB

.idata
Size: 4KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 64KB

.rsrc
Size: 5.2MB - Virtual size: 5.6MB

.aspack
Size: 202KB - Virtual size: 204KB

.adata
Size: - Virtual size: 4KB