39581f7809b7be6bd6a4dda70c092fa6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39581f7809b7be6bd6a4dda70c092fa6_JaffaCakes118
Size

369KB
MD5

39581f7809b7be6bd6a4dda70c092fa6
SHA1

5383aff88fd44d1a061950ff80ee0f6e778a47f7
SHA256

2fda53094decd1c0ea901037fea42c17cde3ef07a3d0f5d2f875e080a9676dda
SHA512

9c2811bb6ac3e7d7d617005bb7fe1072e8748b8c7547fc3dfb9d921e75b7127200e4658ab90f358d79fd884d40c9a0f0937cddf6b8e5ec535dcf3f20f841c82a
SSDEEP

6144:XcFNZD+0BVowaAe/qY0nXLt//4C7mCIcCSeXlKhTsAyMbvh+evmJxfLj7pzQbVkm:XcrF+0sAsqTnX5/e0CHY5dykhdvGGx

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39581f7809b7be6bd6a4dda70c092fa6_JaffaCakes118

Files

39581f7809b7be6bd6a4dda70c092fa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.Scpack
Size: - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.TEXT
Size: 341KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE