1540d28dff252fe0661829366903a2ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1540d28dff252fe0661829366903a2ee_JaffaCakes118
Size

280KB
MD5

1540d28dff252fe0661829366903a2ee
SHA1

7954445a17226fd2f234672d4cf2a45d5ba10e24
SHA256

d8f118b60293b939e65a2d62dac03430c13c161b3d4c1a44b27a9e8444061952
SHA512

15335d686f8c728e628dae54964939f0677dc77f1c5fe42b71cba635c16da560a9cce7adc1c74a49905e30b69f19d7e041dbd3fc03abce8d4dc850443a0f7f90
SSDEEP

6144:/MmSwXwu1MocIxOjvWsnswcFETgFIoe/8cULwYxBndc4aW6QyYGEI7:/McM9jOOslAYC7U0YxBnd3aW6Se7

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/OrgQQ.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/OrgQQ.exe

Files

1540d28dff252fe0661829366903a2ee_JaffaCakes118
.rar
155绿色软件站.url
.url
OrgQQ.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 228KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE