4d42525a4fc5d8d932b290c2647251c7_JaffaCakes118

General

Target

4d42525a4fc5d8d932b290c2647251c7_JaffaCakes118
Size

293KB
MD5

4d42525a4fc5d8d932b290c2647251c7
SHA1

3911f0d74b464955b1cf96711c790278c6e98ca3
SHA256

c7598cacdd9ac0619ba1e5b71c94f55dfb2730bc14971dc84287fa0e7f75753e
SHA512

fdf6af97b230c3dd9cf77984f48be3e04ac5d799f19f9b2cc658c8059a4cc4896c33133f7d3031c13dc8473f62998bb0d16864cffb9dad9ce11e64d4a752119c
SSDEEP

6144:Y45nxrh2PwT3TU7fxR+7g95B+Xart5kwUAoSTWYdfgaSJoQndjJ/lWkU9D:VtNh2PU3TU7fxR8G5ko7W8fgjhr/cXD

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/S7 Blocks Unlock/S7 Blocks Unlock.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/S7 Blocks Unlock/S7 Blocks Unlock.exe

Files

4d42525a4fc5d8d932b290c2647251c7_JaffaCakes118
.rar
S7 Blocks Unlock/Readme.txt
S7 Blocks Unlock/S7 Blocks Unlock.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 268KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
电气自动化技术网-工控,电工,西部最大的电气自动化门户网站.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 268KB - Virtual size: 696KB

DATA Size: 3KB - Virtual size: 12KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 52KB

.rsrc Size: 12KB - Virtual size: 36KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 268KB - Virtual size: 696KB

DATA
Size: 3KB - Virtual size: 12KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 52KB

.rsrc
Size: 12KB - Virtual size: 36KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB