382c3bdf1dd615708aedc0477fb7bd67_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

382c3bdf1dd615708aedc0477fb7bd67_JaffaCakes118
Size

46KB
MD5

382c3bdf1dd615708aedc0477fb7bd67
SHA1

842418489236f52ec1c7557e275d121724b058c7
SHA256

2562a81e6cf515c225a00d31835efa4d6fb9822d61b9d4b3760e4d7a70d7c585
SHA512

c2879ca3fe3dc9317f4a269e189293b0339d4e66fc4c615e7e7594de72e55651a0388aec4560c2482bd43d6d79d7b9110f207eed15673e01be51da73bf6763e2
SSDEEP

768:2JhKdIiuTkdvBiApebUXM6qVvZUjcQQeI2wT7yf7vgYbRSt:uhKduYvMApebUdchqw2Bf7g80

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/syn.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/syn.exe

Files

382c3bdf1dd615708aedc0477fb7bd67_JaffaCakes118
.zip
src_syn_v1_3.zip
.zip
MainUnit.pas
.js
SocketHeaders.pas
SysUtils2.pas
syn.cfg
syn.dof
syn.dpr
syn.res
winsock2.zip
.zip
WinSock2.pas
.js
info.txt
svcguid.pas
ws2tcpip.inc
wsipx.inc
wsnetbs.inc
wsnwlink.inc
syn.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 10KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 10KB - Virtual size: 20KB

DATA Size: 512B - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 4KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 10KB - Virtual size: 20KB

DATA
Size: 512B - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 4KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB