149827ac3359d1988a14f0826008bc6d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

149827ac3359d1988a14f0826008bc6d_JaffaCakes118
Size

332KB
MD5

149827ac3359d1988a14f0826008bc6d
SHA1

c4273bf3498727ff509901b0f0a9002dda553a7a
SHA256

156548f33d170b297858bc694580b4306c3eee302f4ae19c0219bfe2ea8a88eb
SHA512

f3abfad3dc60f974ac9e12ac7e2a75cbb368b53dd1e4db2b4edd850410d801c99fe81437ce2b8c8edf1902c24239dc469434746b5cf5c85569e064bdb51f31b9
SSDEEP

6144:VLpm3nLA/ieg1gTW1thUyuvHuEToctgOKd/N7xl8YxaxGpUv7lTC:XwLOlyufJTwOuVFGGqv7VC

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
149827ac3359d1988a14f0826008bc6d_JaffaCakes118

Files

149827ac3359d1988a14f0826008bc6d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 90KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE