24ea9c4403628531571408b45a2cdef4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24ea9c4403628531571408b45a2cdef4_JaffaCakes118
Size

224KB
MD5

24ea9c4403628531571408b45a2cdef4
SHA1

311e5fde1e0bb3a354e7280b37563bae86d04ca3
SHA256

86db4e6abdee35465052390cf2cc55945a80106908639620269e2663edd3af1f
SHA512

3824bc41b207bfbf29073d93b4ec244d2c57a50f1bcd772a0aac37e730a7850d4851b276ddcce32682e6a0b88a5714292037a756910bcb7a8f2f6723163d5b93
SSDEEP

6144:AN6R44BBi98gWNlPTGQQm6agrdR+uc8O4F:A864BBdNtTirdRK4

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ea9c4403628531571408b45a2cdef4_JaffaCakes118

Files

24ea9c4403628531571408b45a2cdef4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 33KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE