98463997dc81ca6cd2e633bf24ed0e64_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98463997dc81ca6cd2e633bf24ed0e64_JaffaCakes118
Size

421KB
MD5

98463997dc81ca6cd2e633bf24ed0e64
SHA1

aa7bbc24e1a9b41fa26e9fbba32be8048093eb97
SHA256

d908ebf0fe8eb4660e93d5774bdbaa0cdd1642936b3b5cffb3f117b4a5fd37c5
SHA512

1b5cfcc1af4ec2be26f6499390b5a1523ca9d4f2b28bcc56d8942d680b48296f9e70ce6e66a412a73c8205798a501ada762ce4d357d82321970a4549b9e9f00b
SSDEEP

12288:T/gJEziWCvl+V7meMdxbITtmiMqHCBh3xufv3:Lvzir8mBLsTOBbBW

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/ltzs/论坛回帖助手2.07试用版.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ltzs/论坛回帖助手2.07试用版.exe

Files

98463997dc81ca6cd2e633bf24ed0e64_JaffaCakes118
.rar
ltzs/dat/使用帮助.txt
ltzs/dat/灌水回复.txt
ltzs/河源下载站-cngr.cn.url
.url
ltzs/论坛回帖助手2.07试用版.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 299KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 59KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE