2d46cc2515b98c7f90c6caae1698e487_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d46cc2515b98c7f90c6caae1698e487_JaffaCakes118
Size

22KB
MD5

2d46cc2515b98c7f90c6caae1698e487
SHA1

ff0277ed02b13a152b165a5966ae15dac1953003
SHA256

2263bed318205c954c97ed6d4f7a6c73cc0c231b628f97d3ce5eb11a1c013da6
SHA512

aef5aef85c1d4df07f124a301f06963e75af046ea535da0f7129392ee5c5eacb768897c6d9b192df753809e3fb9bdfd10b2142292c4154ceaf0dca422501053b
SSDEEP

384:gh06l6KAXpHt3uEOm4eTxYNbRs8+CMSL3795k0cOEA0Axor6+e9Pfqbn1Y:ns6jZHt3uheUppL3YsdHx/ha5

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d46cc2515b98c7f90c6caae1698e487_JaffaCakes118

Files

2d46cc2515b98c7f90c6caae1698e487_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

killwg
��Ҳ��رմ��
�е��õ�ģ��

Sections

.text
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE