1c4d7b8fae51cf027d4caefe0d9566c1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c4d7b8fae51cf027d4caefe0d9566c1_JaffaCakes118
Size

400KB
MD5

1c4d7b8fae51cf027d4caefe0d9566c1
SHA1

838795f25d1ab4191def8ad8aad81173e77b8216
SHA256

d310c65c56f897570d1b8a1a3457bdc53fbc8f75d3f738a63046f98fdce1ff74
SHA512

2819f8d8de78cced70fd2cf392f26d234d48c33cc0244bcd40cd62856a7508f4747105ae340e06c8683634ed8fd18295c880d62f74e8d03d042a7988fa1bc6e2
SSDEEP

12288:/RhjkMUzfsu9K77LtzREGXGPibhl0jUhU4h:ZUEu9K7H/0cl

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/urpwdr11rc9.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/urpwdr11rc9.exe

Files

1c4d7b8fae51cf027d4caefe0d9566c1_JaffaCakes118
.rar
urpwdr11rc9.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

RPRX
Size: 325KB - Virtual size: 960KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RPRY
Size: 56KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DOLTON
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE