411f31c26bb7761096e9cae4659c75af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

411f31c26bb7761096e9cae4659c75af_JaffaCakes118
Size

257KB
MD5

411f31c26bb7761096e9cae4659c75af
SHA1

47fd9211dd3bb5bd731718dcb62eefa4f791aaff
SHA256

3d10193ed2ab89f948081745a6a476d830af84c5f4ff157860f7caaf01231c01
SHA512

f7cd6bce509569083f8a3ace28b38c95638578d2faaeb7fcd0fb1011f5707b5f4094222b063f98ce31ad93028f11070ad93400170da736e33c3694c6bc5522e2
SSDEEP

6144:Dv85eX1W1j7Z6nDhYRlljrr8rq/NTG47QUmDv75X:Dv8YFwjF2DSPljH8Q1k5b75X

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/PDiffusiveDLL/CodeFantasy.dll	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PDiffusiveDLL/CodeFantasy.dll

Files

411f31c26bb7761096e9cae4659c75af_JaffaCakes118
.rar
PDiffusiveDLL/CodeFantasy.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

PrMon1
PrMon10
PrMon11
PrMon12
PrMon13
PrMon14
PrMon15
PrMon16
PrMon17
PrMon18
PrMon19
PrMon2
PrMon20
PrMon21
PrMon22
PrMon23
PrMon24
PrMon25
PrMon3
PrMon4
PrMon5
PrMon6
PrMon7
PrMon8
PrMon9

Sections

CODE
Size: 161KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 19KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PDiffusiveDLL/Delphi Demos/注册机示例/DllKeyGen.cfg
PDiffusiveDLL/Delphi Demos/注册机示例/DllKeyGen.dof
PDiffusiveDLL/Delphi Demos/注册机示例/DllKeyGen.dpr
PDiffusiveDLL/Delphi Demos/注册机示例/DllKeyGen.res
PDiffusiveDLL/Delphi Demos/注册机示例/InterfaceUnit.dcu
PDiffusiveDLL/Delphi Demos/注册机示例/InterfaceUnit.pas
PDiffusiveDLL/Delphi Demos/注册机示例/InterfaceUnit.~pas
PDiffusiveDLL/Delphi Demos/注册机示例/Main.dcu
PDiffusiveDLL/Delphi Demos/注册机示例/Main.ddp
PDiffusiveDLL/Delphi Demos/注册机示例/Main.dfm
PDiffusiveDLL/Delphi Demos/注册机示例/Main.pas
PDiffusiveDLL/Delphi Demos/注册机示例/Main.~ddp
PDiffusiveDLL/Delphi Demos/注册机示例/Main.~dfm
PDiffusiveDLL/Delphi Demos/注册机示例/Main.~pas
PDiffusiveDLL/Delphi Demos/软件加密示例/DllDemo.cfg
PDiffusiveDLL/Delphi Demos/软件加密示例/DllDemo.dof
PDiffusiveDLL/Delphi Demos/软件加密示例/DllDemo.dpr
PDiffusiveDLL/Delphi Demos/软件加密示例/DllDemo.res
PDiffusiveDLL/Delphi Demos/软件加密示例/DllDemo.~dpr
PDiffusiveDLL/Delphi Demos/软件加密示例/InterfaceUnit.dcu
PDiffusiveDLL/Delphi Demos/软件加密示例/InterfaceUnit.pas
PDiffusiveDLL/Delphi Demos/软件加密示例/InterfaceUnit.~pas
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.dcu
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.ddp
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.dfm
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.pas
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.~ddp
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.~dfm
PDiffusiveDLL/Delphi Demos/软件加密示例/Main.~pas
PDiffusiveDLL/Visual Basic Demos/Registry.bas
.vbs
PDiffusiveDLL/Visual Basic Demos/注册机示例/Form1.frm
PDiffusiveDLL/Visual Basic Demos/注册机示例/MSSCCPRJ.SCC
PDiffusiveDLL/Visual Basic Demos/注册机示例/VBDLLKeyGen.vbp
PDiffusiveDLL/Visual Basic Demos/注册机示例/VBDLLKeyGen.vbw
PDiffusiveDLL/Visual Basic Demos/软件加密示例/DllDemo.vbp
PDiffusiveDLL/Visual Basic Demos/软件加密示例/DllDemo.vbw
PDiffusiveDLL/Visual Basic Demos/软件加密示例/Form1.frm
.vbs
PDiffusiveDLL/Visual Basic Demos/软件加密示例/MSSCCPRJ.SCC
PDiffusiveDLL/help/HELP.CHM
.chm
PDiffusiveDLL/下载说明.htm
.html .js polyglot
下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 161KB - Virtual size: 428KB

DATA Size: 19KB - Virtual size: 28KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 17KB - Virtual size: 28KB

.rsrc Size: 8KB - Virtual size: 24KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 161KB - Virtual size: 428KB

DATA
Size: 19KB - Virtual size: 28KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 17KB - Virtual size: 28KB

.rsrc
Size: 8KB - Virtual size: 24KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB