1b06419fa327aa4c0b3f5989379f68f1_JaffaCakes118 | Triage

Sharing

General

Target

1b06419fa327aa4c0b3f5989379f68f1_JaffaCakes118
Size

350KB
MD5

1b06419fa327aa4c0b3f5989379f68f1
SHA1

3a1186e7a13a35bdd8c7396a4824a67d1e7355c1
SHA256

099faed0ac670334933659118c9f66258061be0f36f8a83038315b9f0f3d62bb
SHA512

84c7b46d759bb6a1045e42cd569897f3218084310a0e54165b3adda542380bdfcf50b2adec0fcfd8560b86e2d003de9cd19dbbd78742d61f9f74456eebc134df
SSDEEP

6144:/JCxPwl0UJChtfNnKd+7VGIhfxwzhr3GnXvPUWj1zoZRA2t6EzxUNKZIKt7hl2Xq:/JGPeetf9UmGIjwdynnU41zoZRA25ziy

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/qqlogin/QQ万能登录器.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/qqlogin/QQ万能登录器.exe

Files

1b06419fa327aa4c0b3f5989379f68f1_JaffaCakes118
.rar
qqlogin/QQ万能登录器.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 280KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE