0fb41f51971635fd1f667dc4b4422498_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0fb41f51971635fd1f667dc4b4422498_JaffaCakes118
Size

117KB
MD5

0fb41f51971635fd1f667dc4b4422498
SHA1

aa1d5a30aa061932efa93aacfd91d1f4b07e04f4
SHA256

8fc16b0f28d0dd13b40de6afeaeb20a3f07f5eec298b603342971b8dd3474280
SHA512

8c1ce4b3cc07d4b5d89fd7c3e1ea2db29a708afd2499154619a780afae390138540d83cdc0d3be7a7dd9eac886b485ce1f27bd06c0b8564bb8e96db5264979b1
SSDEEP

768:GdkjWqM254K+R0fxwJw4gSd+WgGqxibPrKxuZkvo8ARB8R8JcBjy7G35LFxE/Myq:KkjCgg1+WgIGx89qsdtmK

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fb41f51971635fd1f667dc4b4422498_JaffaCakes118

Files

0fb41f51971635fd1f667dc4b4422498_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.Text
Size: 17KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Data
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Rsrc
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 98KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE