fa060ef789e7a588011e0902350c3838_JaffaCakes118

General

Target

fa060ef789e7a588011e0902350c3838_JaffaCakes118
Size

669KB
MD5

fa060ef789e7a588011e0902350c3838
SHA1

140288d40405a36ada764ba8af54eb4c0e0b2faf
SHA256

0cbb90377299ab9d4644c18708155f11d898249c53e1d29932277ae319dc604c
SHA512

64ce16c22c0e86e1d9c1969f5bd613f646a356b16862eb1e8838987300c7bc8f633cbd196289ae413ab9e4069313cda468bf62fca254d869d6f8a0a0d39d468d
SSDEEP

12288:z7fI6zzVRP0LlgTleS12NpWxfMW1meyUGpOutBcO:z7I6vVepgodVW1HGztBh

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa060ef789e7a588011e0902350c3838_JaffaCakes118

Files

fa060ef789e7a588011e0902350c3838_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 44KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 66KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 302KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 44KB - Virtual size: 148KB

Size: 2KB - Virtual size: 8KB

Size: - Virtual size: 4KB

Size: 66KB - Virtual size: 80KB

Size: 512B - Virtual size: 4KB

Size: 8KB - Virtual size: 16KB

.rsrc Size: 302KB - Virtual size: 304KB

.data Size: 244KB - Virtual size: 464KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 302KB - Virtual size: 304KB

.data
Size: 244KB - Virtual size: 464KB

.adata
Size: - Virtual size: 4KB