f9d67826ae139547020527938145a96b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f9d67826ae139547020527938145a96b_JaffaCakes118
Size

52KB
MD5

f9d67826ae139547020527938145a96b
SHA1

69a37352b3a2d5708ee64e284554cda5e8a41aaf
SHA256

4d7ee3cb6596dcc50d380721cf3c25582562b8555d862e67835327cd8b6598f0
SHA512

281067f305fa59d85cb84df503a25adc4fb399d09a41e1768446bfdd7911741bc064a8fbe989a39878e3cbdee70610707f08177a34ae64dbe21d2a90552b812a
SSDEEP

768:T8apbgF/jK70uEHmsinRWW/s2qQRmo5hpJQQA3B7rDPmSl3zW6GTx7bPr:IapbIjKoHSnRWHtQRZjJQj7GSljW6Q

Score

7^/10

vmprotect aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d67826ae139547020527938145a96b_JaffaCakes118

Files

f9d67826ae139547020527938145a96b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 14KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 14KB - Virtual size: 28KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 24KB

.vmp0 Size: 1024B - Virtual size: 4KB

.vmp1 Size: 16KB - Virtual size: 24KB

.reloc Size: 1KB - Virtual size: 4KB

.aspack Size: 3KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 14KB - Virtual size: 28KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 24KB

.vmp0
Size: 1024B - Virtual size: 4KB

.vmp1
Size: 16KB - Virtual size: 24KB

.reloc
Size: 1KB - Virtual size: 4KB

.aspack
Size: 3KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB