33a0478062e72ee76a5682dc10be2a89_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33a0478062e72ee76a5682dc10be2a89_JaffaCakes118
Size

324KB
MD5

33a0478062e72ee76a5682dc10be2a89
SHA1

d51ea9bb3b770589e112e43189d7c0de0f268d0c
SHA256

4950b26e5d0bc45bd281e46d99d9a1927dc7fd17caf69d2349fc20a3cbec74e7
SHA512

db808e6771b0345b7ef5b4ed2c3993ba8baa93d713b29def3ff0ac2b1ce0130566314f8203c817aed06b01ff09c03053fddc48821e97f47154bf22490bd524f8
SSDEEP

6144:2cvBHHTq4PvNPL4FJ9JTMRmJGTJpiJPJvfc9yghfE5HSkYPyjrCDO6ABvk3a9:DdTq4/R9Pok9yghfE5HtYPyjeDPAB8a

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33a0478062e72ee76a5682dc10be2a89_JaffaCakes118

Files

33a0478062e72ee76a5682dc10be2a89_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE