246a2674d33be17266d01db83a4554af_JaffaCakes118 | Triage

Sharing

General

Target

246a2674d33be17266d01db83a4554af_JaffaCakes118
Size

395KB
MD5

246a2674d33be17266d01db83a4554af
SHA1

5d0e992f489b1b8bf80b7a1cae98bc5e4120366b
SHA256

b5da8cfc17112468d5349a3fc14a539fdc646da3d806c4bc2fe0ee05c0f937f2
SHA512

240d0741e3bdb73fb4e67b443f20f6a964677cf0a9629d500829e9c4b0880b3625a54a77a343c332f501ee921815e332205023dc2c71e1a87ea223902ca360d4
SSDEEP

6144:fDhb/ikTpn+b2lyoangWv9zEjEj2NfEvlMYtPFcrvo9vzHmkjWiHe25+fLCrLEDq:fBKkAbMmgQX2ElMgFcrv2zWNX2M7SM+

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
246a2674d33be17266d01db83a4554af_JaffaCakes118

Files

246a2674d33be17266d01db83a4554af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 297KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.svkp
Size: 34KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RCryptor
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE