2f35b64acc4ac1b937dee90b0c4ffd4f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f35b64acc4ac1b937dee90b0c4ffd4f_JaffaCakes118
Size

41KB
MD5

2f35b64acc4ac1b937dee90b0c4ffd4f
SHA1

2dd3c127ef07b9d370b54834b43da42d0bcf4920
SHA256

0069cf1f1a2e4fa007b69209caf80b5c6039515c36d7d41fafe6390d7aef1218
SHA512

91e78f880c337494fcf2edbb93d5dc5d137b360778c19b0fd58e495f7c3c580bd3204c9032f58731edd6b96735bafbec362161ca17ba314539c97ce56d86ef99
SSDEEP

768:EDfDTsJDIXF8xaY+8c9nrQlnKr5RPaLrcgiOgMJwABrW5iqCcWYj0DJG7JxLLoIt:EDfDTsqF8xjcQeP2cnOgohrW5IcWYj0g

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f35b64acc4ac1b937dee90b0c4ffd4f_JaffaCakes118

Files

2f35b64acc4ac1b937dee90b0c4ffd4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Sections

BitArts
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 5KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BitArts
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE