2ec22616a28d2adbe71dff454fb506e3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ec22616a28d2adbe71dff454fb506e3_JaffaCakes118
Size

794KB
MD5

2ec22616a28d2adbe71dff454fb506e3
SHA1

c36e3a0d0da4f44cd3afb07f6d8223d98fad26de
SHA256

c31587efd86ce117a8d8c6a52a36f15241bfe72dedf1a06b9f208da7e6f1be31
SHA512

a79d2095e5004a06f19e08c8293bc7db1eb5cc8306eb99edff00cfd7351eb10f97c78f6b5ce1b63fbaab6893857ec20d15ee8de42a2b5927301576a7fca96a2b
SSDEEP

24576:SFp8Jkdag7cc6T4i3tVom1QpjEkdHBLDKltj6CBx3:Sv8JkQGPw4cth1Qpj1PKltj7L3

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/hanziwuxing/汉字五行查询软件.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hanziwuxing/汉字五行查询软件.exe

Files

2ec22616a28d2adbe71dff454fb506e3_JaffaCakes118
.rar
hanziwuxing/汉字五行查询软件.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 278KB - Virtual size: 660KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 482KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE