280a44855a7365f02ed9898799013ae6_JaffaCakes118 | Triage

Sharing

General

Target

280a44855a7365f02ed9898799013ae6_JaffaCakes118
Size

727KB
MD5

280a44855a7365f02ed9898799013ae6
SHA1

28c4ace89b69304f3ce4c8b2f9a66eee2e6c2b6d
SHA256

a44d7d03558a82e877de26445221b1e0cbba9390d1d8940dab8faa425877b726
SHA512

3149fae7f1540bd17dad67976247696db22537557a151a4463e6732b800c148b4dfbc02acc281269e73a18bc139d8997a8721901392e0e7acac9c0cec5823c0e
SSDEEP

12288:ycbPRC9O/+fggZDQZKpv5Rh9ANh035a0rNJyXIWorzazFixLpjd04FyI/Fp879B/:tbPRC8/ubN5SNhYaMNUIWorzaZivd046

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/定时关机软件免费版.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/定时关机软件免费版.exe

Files

280a44855a7365f02ed9898799013ae6_JaffaCakes118
.rar
定时关机软件免费版.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 272KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 400KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
新云软件.url
.url