4c96c4c89ee80345b28642547345717f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4c96c4c89ee80345b28642547345717f_JaffaCakes118
Size

1.0MB
MD5

4c96c4c89ee80345b28642547345717f
SHA1

f7cd28534a7da28bd9cce412f720a37fc376182c
SHA256

db1dad2140de6be40942f59cb6365011a7e3bcaa62b96d8a4319119aa7acde91
SHA512

fd8eb7a22365552f03fd7ebf4309cb704759f19000dfaf361d730818f5eeb4770f0c6d5f8284a3a9607c20907348844c26e3b23460fcc5780eadfb383523e764
SSDEEP

24576:rQ5Ar+GDOAmrDVGHoOMVIfBHFNScYKrJXJXqe8iDeXJnIPqWmeAC:E5ArbD4FGB4IjNDfrjqe8iqx7W1AC

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/系统优化大师/yhds.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/系统优化大师/yhds.exe

Files

4c96c4c89ee80345b28642547345717f_JaffaCakes118
.rar
系统优化大师/clocker.dat
系统优化大师/lfz.ini
系统优化大师/rsd/files.rsd
系统优化大师/rsd/process.rsd
系统优化大师/rsd/registry.rsd
系统优化大师/rsd/regsvr.rsd
系统优化大师/set.dll
系统优化大师/yhds.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 656KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 656KB - Virtual size: 1.8MB

DATA Size: 7KB - Virtual size: 20KB

BSS Size: - Virtual size: 8KB

.idata Size: 5KB - Virtual size: 16KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 124KB

.rsrc Size: 375KB - Virtual size: 1.4MB

.aspack Size: 103KB - Virtual size: 104KB

.adata Size: - Virtual size: 4KB

CODE
Size: 656KB - Virtual size: 1.8MB

DATA
Size: 7KB - Virtual size: 20KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 5KB - Virtual size: 16KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 124KB

.rsrc
Size: 375KB - Virtual size: 1.4MB

.aspack
Size: 103KB - Virtual size: 104KB

.adata
Size: - Virtual size: 4KB