6047b55d79c2a849e2405e0c40e80d18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6047b55d79c2a849e2405e0c40e80d18_JaffaCakes118
Size

59KB
MD5

6047b55d79c2a849e2405e0c40e80d18
SHA1

da56788f2fa92cdd20c997dd8b9cf1003b5f7c99
SHA256

7625d460277615f2451bae10885a5477650323bddc002d4612b2697452c93f26
SHA512

5cc83104903fb10303311d2c77b22fa7f5988dc9a77e76f0eaa8f14bcc1eeeba5ff8b84275aef541f45748dcb8d6cc24103cd539b09f616cbd09f885160d4a88
SSDEEP

1536:FZiPvhR64vTxbVNDZA+niuK6VyhKO2VUa5:FuJR64vTI+iHgUKjF

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/vistapass/vistapass.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/vistapass/vistapass.exe

Files

6047b55d79c2a849e2405e0c40e80d18_JaffaCakes118
.rar
logo.gif
.gif
vistapass/vistapass.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 46KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载使用说明.txt