3be4a1d3b4c83d2f8e17a84972c6921c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3be4a1d3b4c83d2f8e17a84972c6921c_JaffaCakes118
Size

544KB
MD5

3be4a1d3b4c83d2f8e17a84972c6921c
SHA1

c850cf437fb446bdc48da19886b4efff9004fc6f
SHA256

fb27115fc854f0d5ad569a70dd4f06cd4cdd957281f999d4229336ad5eef83a4
SHA512

008d4bcc9e2804ca989a08d52eb59d2f541e001e49d1002f62e0fc1e10abae982d98a165b87997b6db7433e1871cb8d5c3be13782814cbd5816bc2d5ce38cdbb
SSDEEP

12288:XgMqZF+aLf6BQn6R6MrTobzykfdOBW1meyUGp+XE:XZqj+aLaQn268+TKW1HG0E

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be4a1d3b4c83d2f8e17a84972c6921c_JaffaCakes118

Files

3be4a1d3b4c83d2f8e17a84972c6921c_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 229KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 19KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 151KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 229KB - Virtual size: 544KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 12KB

Size: - Virtual size: 20KB

Size: 10KB - Virtual size: 12KB

Size: 512B - Virtual size: 4KB

Size: 19KB - Virtual size: 32KB

.rsrc Size: 126KB - Virtual size: 128KB

.data Size: 151KB - Virtual size: 372KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 126KB - Virtual size: 128KB

.data
Size: 151KB - Virtual size: 372KB

.adata
Size: - Virtual size: 4KB