3e0aa3b1c53dcbe4a462e4e591016296_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e0aa3b1c53dcbe4a462e4e591016296_JaffaCakes118
Size

99KB
MD5

3e0aa3b1c53dcbe4a462e4e591016296
SHA1

5584b730adbc955d1c7c04ba51c92dc1ff73a5f9
SHA256

010ae5288d5ddcba4c19853e43b1232401a7aafaa47bde6dfe6a613bdb994ad6
SHA512

b593f35dc2d1585297bb77af32807c4038bcd8c8d59b7799638e468f6745697f3b54b7c39cc4b32b0344611a9454212ffbaec47709c2e7fc5539875d7499b9ec
SSDEEP

1536:txpcvh+pXEXzBxvBRttLCWvQ77T6ue99X74uHBvoPt0KfBTgwCvenxRWyO2:7ppp8BxvBDtCWvQHUnX74koBnCv2ph

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e0aa3b1c53dcbe4a462e4e591016296_JaffaCakes118

Files

3e0aa3b1c53dcbe4a462e4e591016296_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 90KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE