474f88afa1717ca513aced53df076ddf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

474f88afa1717ca513aced53df076ddf_JaffaCakes118
Size

183KB
MD5

474f88afa1717ca513aced53df076ddf
SHA1

55b0ed2608b4e4766b8d7a80928e6f1eb8b2e981
SHA256

b515d888c2c768e24c04ec6f56df14eeb44ef1bac0a3e8507f4eb87722fe1e24
SHA512

5cebc1b3bdf83908eeb9afa588e386a09d85d35cb3486be83ec0c473b712c57db86f9b2195e953733905b65094537523580907a6230c0a9961cdf4543757b65d
SSDEEP

3072:nxI3QbDIkxzcLpD43wZERutGpwW+97/rAGvNCu7i6H/61qqk+iJY:zh2LlPZERutGpA/EeL7Z/61hPi2

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
474f88afa1717ca513aced53df076ddf_JaffaCakes118

Files

474f88afa1717ca513aced53df076ddf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 14KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 27KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 94KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE