62b4b1f961def4ddc6fa24beff92a848_JaffaCakes118 | Triage

Sharing

General

Target

62b4b1f961def4ddc6fa24beff92a848_JaffaCakes118
Size

130KB
MD5

62b4b1f961def4ddc6fa24beff92a848
SHA1

4fc18a301ce355340e00717c6c7bf588e126def2
SHA256

a7d0532685b4f45596a7c4af60d5893849c448fcf892471019c9d1a5f00de5c8
SHA512

c5fa65e8f9d2987aae49c2216225b0088be257a80b04de8faa9ad42993856d51b3c3b529bb5b5e0eb3de71b7ac5e7d29d7e8b9d5595cc7e561d97c71667c27f4
SSDEEP

3072:50A9mhhJ/BEGVKUXBj9eWwlqVk+H0lb+oBkn7ywJoUlW:KGmf3nFEW7k+H0x+o+n7yw

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62b4b1f961def4ddc6fa24beff92a848_JaffaCakes118

Files

62b4b1f961def4ddc6fa24beff92a848_JaffaCakes118
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 105KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

minATL
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE