4061768b29bc23e18044cad59b71be33_JaffaCakes118 | Triage

Sharing

General

Target

4061768b29bc23e18044cad59b71be33_JaffaCakes118
Size

180KB
MD5

4061768b29bc23e18044cad59b71be33
SHA1

20b4152290dede2ff99068b475f9a710c4fc8152
SHA256

5dc3331492b0e12216914dece9b8e6d9acd44515e8bbdf79df90e059926b0588
SHA512

1ee58e7a1ae0dc98039f725f2c9a15e2e355175895ccac88a5092b95a21fe293d376cecbfb161e823a44ae742e9bfa5656cae45e26d376404a95db4bf289d628
SSDEEP

3072:cdwap6yJbR0197ah3EGflPw+2njuGVYsPImAPWFYxGTIzVsbXzZs7eUBtbEUPjO:Op6yI197s0z6+ILWFYxAYSbXzZvUHb8

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4061768b29bc23e18044cad59b71be33_JaffaCakes118

Files

4061768b29bc23e18044cad59b71be33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 101KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 60KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE