0b56944b3e984415a406770e47f237f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b56944b3e984415a406770e47f237f9_JaffaCakes118
Size

69KB
MD5

0b56944b3e984415a406770e47f237f9
SHA1

e56dc8e4011cbf8eb35b33ff57101c7a135deca0
SHA256

1cc640fb257181ad80d595a70ed01b9b69d466cf14909a3ab8b1f551f19d613b
SHA512

4aef5b3bbe4345fdbb3397898d1a82a9992b06c064faefde9a8ec76494c193d0217fa8e03b377008955139b7e4ce1bb8cd32194ece1b94e028fab5dc559ae607
SSDEEP

1536:7NCir2ST1octAHg9PQbjUg4N6uR/KIYCM/US82+aZPJjyN:4MOOAvt4N6Y+/UB2+sRjyN

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/damn_retina471.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/damn_retina471.exe

Files

0b56944b3e984415a406770e47f237f9_JaffaCakes118
.zip
damn.nfo
damn_retina471.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DAMN
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
file_id.diz