2d5307beead44e4f4e63199f3c5729ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d5307beead44e4f4e63199f3c5729ea_JaffaCakes118
Size

1.2MB
MD5

2d5307beead44e4f4e63199f3c5729ea
SHA1

f5baac448a8d7ac9fdfcef9f4d8295269a88f958
SHA256

144842152756b6f7e317537d346ada95e01d7239c56adc9e5e30ce764333cb78
SHA512

b409551bcd051bf6380715146ad94c8ff01325f894e1ef2777baaefc20feef6f5ff6958f46e2dacfe3963e030613023423e1e784fe07f8815c8e80b243c55472
SSDEEP

24576:EuvluvdkDzRxdjj4Yq1UQnMpymH1VNLt6o96S/N7frtttttttt0tt1:EAqdkDtvYsQnMvhtnfrtttttttt0tt1

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

2d5307beead44e4f4e63199f3c5729ea_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Code Sign

01
Certificate

Issuer

CN=Max Medvedev (http://brightek-soft.com),OU=Development,O=Brightek Software,L=Nizhny Novgorod,ST=Russian Federation,C=BS,1.2.840.113549.1.9.1=#0c1761646d696e40627269676874656b2d736f66742e636f6d

Not Before

11/02/2010, 10:15

Not After

11/02/2012, 10:15

Subject

CN=Max Medvedev (http://www.brightek-soft.com),OU=Development,O=Brightek Software,L=Nizhny Novgorod,ST=Russian Federation,C=BS,1.2.840.113549.1.9.1=#0c1761646d696e40627269676874656b2d736f66742e636f6d

99:2e:e0:f0:83:9b:62:4d
Certificate

Issuer

CN=Max Medvedev (http://brightek-soft.com),OU=Development,O=Brightek Software,L=Nizhny Novgorod,ST=Russian Federation,C=BS,1.2.840.113549.1.9.1=#0c1761646d696e40627269676874656b2d736f66742e636f6d

Not Before

11/02/2010, 10:12

Not After

11/02/2015, 10:12

Subject

CN=Max Medvedev (http://brightek-soft.com),OU=Development,O=Brightek Software,L=Nizhny Novgorod,ST=Russian Federation,C=BS,1.2.840.113549.1.9.1=#0c1761646d696e40627269676874656b2d736f66742e636f6d

28:b2:ce:b0:e3:0d:c7:a6:ce:ef:8a:f8:11:59:b5:5d:e1:76:9e:78
Signer

Actual PE Digest

28:b2:ce:b0:e3:0d:c7:a6:ce:ef:8a:f8:11:59:b5:5d:e1:76:9e:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 595KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 542KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

01Certificate

99:2e:e0:f0:83:9b:62:4dCertificate

28:b2:ce:b0:e3:0d:c7:a6:ce:ef:8a:f8:11:59:b5:5d:e1:76:9e:78Signer

Headers

File Characteristics

Sections

.text Size: 595KB - Virtual size: 1.7MB

.itext Size: 4KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 28KB

.bss Size: - Virtual size: 24KB

.idata Size: 4KB - Virtual size: 16KB

.didata Size: 512B - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 128KB

.rsrc Size: 542KB - Virtual size: 2.4MB

.aspack Size: 88KB - Virtual size: 92KB

.adata Size: - Virtual size: 4KB

01
Certificate

99:2e:e0:f0:83:9b:62:4d
Certificate

28:b2:ce:b0:e3:0d:c7:a6:ce:ef:8a:f8:11:59:b5:5d:e1:76:9e:78
Signer

.text
Size: 595KB - Virtual size: 1.7MB

.itext
Size: 4KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 28KB

.bss
Size: - Virtual size: 24KB

.idata
Size: 4KB - Virtual size: 16KB

.didata
Size: 512B - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 128KB

.rsrc
Size: 542KB - Virtual size: 2.4MB

.aspack
Size: 88KB - Virtual size: 92KB

.adata
Size: - Virtual size: 4KB