fd70e4f3f40692be69732085eaa6f952_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fd70e4f3f40692be69732085eaa6f952_JaffaCakes118
Size

582KB
MD5

fd70e4f3f40692be69732085eaa6f952
SHA1

9d0e5bbaac1a15374df357dcaaffcc2e1e529529
SHA256

7dc3bcc4d15b2a49c427658b5d7a5a6bad0c178e9a01061899ac866a13f75a92
SHA512

6d97127af83124172e987f0a0f79333bcc10adebb3d2a4936b549c7a103df2286e34f0b5dc84f1b6a93d2320c5a5fa96408482429beeb2617c4e6949da11ef5b
SSDEEP

12288:l0tDwGShc/oErC3xxmhooqpnAGtVnoMgq4QGY4Mq8mYP:a9MBk6DHobq4Mq8/P

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/MyIE.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MyIE.exe

Files

fd70e4f3f40692be69732085eaa6f952_JaffaCakes118
.rar
Language/ChineseGB.ini
MyIE.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 267KB - Virtual size: 664KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 34KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MyIE.exe.manifest
.xml
MyIEHelp.htm
.html
Plugin/KillAd/killad.htm
.html .js polyglot
Plugin/KillAd/killad.ico
Plugin/KillAd/plugin.ini
Plugin/MouseUnlock/MouseUnlock.htm
.html .js polyglot
Plugin/MouseUnlock/MouseUnlock.ico
Plugin/MouseUnlock/plugin.ini
Plugin/PageZoomMore/icon.ico
Plugin/PageZoomMore/plugin.ini
Plugin/PageZoomMore/script.htm
.html
Plugin/ViewPage/ViewPage.htm
.html .js polyglot
Plugin/ViewPage/plugin.ini
Plugin/ViewPage/readme.txt
Plugin/ViewPage/v.ico
Resource/CollectorScript.txt.default
.js
Resource/DownManager.ini.default
.vbs
Resource/Filter.ini.default
Resource/MyIE.ini.default
Resource/PopFilter.WAV
Resource/Proxy.ini.default
.js
Resource/RESOURCE.HTM
.html
Resource/SearchEngine.ini.default
Resource/Start.htm
.html .js polyglot
Resource/StartEn.htm
.html .js polyglot
Resource/baidu.ico
Resource/function.js
.js
Resource/google.ico
Resource/image.ico
Resource/shopping.ico
Skin/Cartoon/BackGround.bmp
Skin/Cartoon/FavBar.bmp
Skin/Cartoon/Go.bmp
Skin/Cartoon/MainTool16.bmp
Skin/Cartoon/MainTool24.bmp
Skin/Cartoon/MainToolGray16.bmp
Skin/Cartoon/MainToolGray24.bmp
Skin/Cartoon/Skin.ini
Skin/Cartoon/StatusTool.bmp
Skin/Cartoon/SystemBar.bmp
Skin/Cartoon/TaskBar.bmp
Skin/Default/BackGround.bmp
Skin/Default/FavBar.bmp
Skin/Default/Go.bmp
Skin/Default/MainAnimIcon.bmp
Skin/Default/MainMenu.bmp
Skin/Default/MainTool16.bmp
Skin/Default/MainTool24.bmp
Skin/Default/MainToolGray16.bmp
Skin/Default/MainToolGray24.bmp
Skin/Default/SearchBar.bmp
Skin/Default/StatusTool.bmp
Skin/Default/SystemBar.bmp
Skin/Default/TaskBar.bmp
Skin/Grid/BackGround.bmp
Skin/Grid/FavBar.bmp
Skin/Grid/Go.bmp
Skin/Grid/MainAnimIcon.bmp
Skin/Grid/StatusTool.bmp
Skin/Grid/SystemBar.bmp
Skin/Grid/TaskBar.bmp
thanks.txt
安装必读.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 267KB - Virtual size: 664KB

.rdata Size: 34KB - Virtual size: 148KB

.data Size: 9KB - Virtual size: 52KB

.rsrc Size: 32KB - Virtual size: 120KB

.aspack Size: 14KB - Virtual size: 16KB

.adata Size: - Virtual size: 4KB

.text
Size: 267KB - Virtual size: 664KB

.rdata
Size: 34KB - Virtual size: 148KB

.data
Size: 9KB - Virtual size: 52KB

.rsrc
Size: 32KB - Virtual size: 120KB

.aspack
Size: 14KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB