08e975c396194e895895868bcea1c705_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08e975c396194e895895868bcea1c705_JaffaCakes118
Size

66KB
MD5

08e975c396194e895895868bcea1c705
SHA1

e525c5f1521c466b9aa505a879fb3b8c98cef338
SHA256

04ca3ae6888fc34b219a021b88efd59dd965c5bb544df3cbef8c64268eac11b2
SHA512

92db8744394c65842e929648b4aba0ec080c696e590842b117f4f9805c5597f4ac3b194352e58affbbe110b8390d8e27f6fb82cf62081c25f53311e4c0a387d1
SSDEEP

1536:wNPyqpO0OvsdVybTd2SDONZx85Mi126atetAE/aGr5:kJIIytSD2tAwa

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08e975c396194e895895868bcea1c705_JaffaCakes118

Files

08e975c396194e895895868bcea1c705_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 40KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE