49b4441b73357b75483659fb8fd3ee44_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49b4441b73357b75483659fb8fd3ee44_JaffaCakes118
Size

159KB
MD5

49b4441b73357b75483659fb8fd3ee44
SHA1

fae5aca6e8f70a3321596c3670be709f071b64f5
SHA256

11d6ed738b956771c9723b8118b6bd9d359410043c7ce282dd9a0922fa4a9148
SHA512

9e88b0592fe58c0843293e3c16a68826a976d858271a9dea02afb3e12864157b4e4b4f988e6456db21889f011b3cb89d7ff257a765a2594efb16a1de26f81bf5
SSDEEP

3072:gQ89Ooo2xKkWk3zK9FzF/8mtu+/T/+Z4M6yi+8Qm8rpbwN8dqio:gN9BowK0+9R1RtumCZ4Vyi4DdoJ

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49b4441b73357b75483659fb8fd3ee44_JaffaCakes118

Files

49b4441b73357b75483659fb8fd3ee44_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

hnuojroqutvbc

Sections

.text
Size: 142KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE