0af01c2d356e9ba4d65fc178f83373d9_JaffaCakes118

General

Target

0af01c2d356e9ba4d65fc178f83373d9_JaffaCakes118
Size

845KB
MD5

0af01c2d356e9ba4d65fc178f83373d9
SHA1

dde205747d0041dfc5acbf04e8e73fb1107be96f
SHA256

19a84db80de3323f507fe3508f65d0a395913573aa45cbe9d010ba99b84a0222
SHA512

3e3dd21ae4b6670d462d7d95789cfc68773c7d6a895cf42e822c5cbf6fedec9f513117b7fcff5bd1f6599c0edb882524dc553530bedc7cd7c90536a22d9d30ea
SSDEEP

6144:uL+n5KD3vLyBqfW2Kn7dt+6ALL932vdaNBZDeeeIO4bp8n+aC1meyUGimMXcgIgE:u6yjgn7dAmKZ1O490W1meyUGpM/oK4b

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0af01c2d356e9ba4d65fc178f83373d9_JaffaCakes118

Files

0af01c2d356e9ba4d65fc178f83373d9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 62KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 77KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 54KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 426KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 217KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 62KB - Virtual size: 196KB

Size: 77KB - Virtual size: 96KB

Size: - Virtual size: 4KB

Size: 54KB - Virtual size: 64KB

Size: 512B - Virtual size: 4KB

Size: 8KB - Virtual size: 16KB

.rsrc Size: 426KB - Virtual size: 428KB

.data Size: 217KB - Virtual size: 440KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 426KB - Virtual size: 428KB

.data
Size: 217KB - Virtual size: 440KB

.adata
Size: - Virtual size: 4KB