4d0746ef87181f4e49e840b2ceff51f1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d0746ef87181f4e49e840b2ceff51f1_JaffaCakes118
Size

320KB
MD5

4d0746ef87181f4e49e840b2ceff51f1
SHA1

8537733ec03337947454dc3380d546516537704a
SHA256

c96a1c37e55442ebf65a297207f96d43077435509664e03a0cf780ca4f36c335
SHA512

837ece9b45ed5bf85165306f512c92825e9c1404b563e8d39c47939fba36c1ddbcd9ef99e59ff58bfac9c78336370009e9eef9be45273aa218ce7b28e6c704d7
SSDEEP

6144:mzhfqH0WUTL0n8oGmXlUFzvUZOW/rIvcmGFNFim5fwJvJOzWMfGVI22KxbrQqJ3S:ghw0jTC85FIrZPFjyvczuLbJQuC

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d0746ef87181f4e49e840b2ceff51f1_JaffaCakes118

Files

4d0746ef87181f4e49e840b2ceff51f1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE