95a74c4c062521d3a1cae84bac5c956c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95a74c4c062521d3a1cae84bac5c956c_JaffaCakes118
Size

40KB
MD5

95a74c4c062521d3a1cae84bac5c956c
SHA1

ed3cd98662e81aeea33291ce31d66e67cfac3e6d
SHA256

440dad5bc0ac8ce88b3142f690f774cf945dd35129b4149487f2f0d54ab68f86
SHA512

2b923232f9d7955ff42f8cf2218e4fa666a1d0afb9aefd4a966955d4f5d2b2832647367c856183624d57c280681c4a88c002b6a6bd1889b5dec1db1b6aaaa8fc
SSDEEP

768:2YsAHsAnuuTErUU1k/KsCm1UiAkF9OgBcDelIr76M9KjG4P1w3JssZrp8:tsAHsAun1kS5QUiAQ9ZB3lIr7TmPe2Iq

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/Informatik.Imagistik.Markup.v5.1.2874.36705.Incl.Keygen-Lz0/Lz0/keygen.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Informatik.Imagistik.Markup.v5.1.2874.36705.Incl.Keygen-Lz0/Lz0/keygen.exe

Files

95a74c4c062521d3a1cae84bac5c956c_JaffaCakes118
.zip
Informatik.Imagistik.Markup.v5.1.2874.36705.Incl.Keygen-Lz0/Lz0.nfo
Informatik.Imagistik.Markup.v5.1.2874.36705.Incl.Keygen-Lz0/Lz0/keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lz0
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Informatik.Imagistik.Markup.v5.1.2874.36705.Incl.Keygen-Lz0/file_id.diz
keygen.nfo