277882de130fb7a4554048bb492eeba0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

277882de130fb7a4554048bb492eeba0_JaffaCakes118
Size

397KB
MD5

277882de130fb7a4554048bb492eeba0
SHA1

98cbf452e1f18eaa12acde66a5b4c2413d32b56f
SHA256

25f8607edecaedc053405c621de14fccbbf6414f1031f0c869d5ecf02773668f
SHA512

8b4d1552b5e6a26bf033779b39df1e4dd4dd030418dfb923cb5596e0469974d1f41a64df73ecacab5eed730f827e2e02c4d4ca570724b31d6634ef0561c15e97
SSDEEP

12288:xK1PknmzloOtWYUDcpU8IgOinxLEo3IzBX:szgwwinxl4VX

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/梦幻精灵.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/梦幻精灵.exe

Files

277882de130fb7a4554048bb492eeba0_JaffaCakes118
.rar
Data/Ti.txt
Music/1.wav
梦幻精灵.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 281KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
软件说明.txt