5b35d71c00c6669f256e7f873dfd500d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b35d71c00c6669f256e7f873dfd500d_JaffaCakes118
Size

294KB
MD5

5b35d71c00c6669f256e7f873dfd500d
SHA1

5359e1fa3d2ef6768df71ee67218cc987fd6ff87
SHA256

40eee5f760abb83eb4cce3bb53db02125b721db055e6c6b3cfd279fa9d3957f4
SHA512

d62a928b0c9120a19de736d5652eb95ad1d149825e91795d95e04d085e8ee4a5d361b2b41afd5109cbda73d99ac226ea14236df148abc7ce1bc89d0d2d9792d2
SSDEEP

6144:hRmLIc+/L4zy+Ti78KxBKabGG5lmIimh/ZryQ8rhqI81tRCXw4J4O8/N0:hRmhiV7FbGGSIHPxHIyRCg4J4t/q

Score

7^/10

vmprotect aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
sample	vmprotect

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b35d71c00c6669f256e7f873dfd500d_JaffaCakes118

Files

5b35d71c00c6669f256e7f873dfd500d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp3
Size: 262KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp4
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.109
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.nsp0 Size: - Virtual size: 696KB

.nsp1 Size: 512B - Virtual size: 32KB

.nsp2 Size: - Virtual size: 56KB

.nsp3 Size: 262KB - Virtual size: 276KB

.nsp4 Size: - Virtual size: 4KB

.vmp0 Size: - Virtual size: 12KB

.vmp1 Size: 22KB - Virtual size: 24KB

.reloc Size: - Virtual size: 4KB

.109 Size: 512B - Virtual size: 4KB

.aspack Size: 7KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.nsp0
Size: - Virtual size: 696KB

.nsp1
Size: 512B - Virtual size: 32KB

.nsp2
Size: - Virtual size: 56KB

.nsp3
Size: 262KB - Virtual size: 276KB

.nsp4
Size: - Virtual size: 4KB

.vmp0
Size: - Virtual size: 12KB

.vmp1
Size: 22KB - Virtual size: 24KB

.reloc
Size: - Virtual size: 4KB

.109
Size: 512B - Virtual size: 4KB

.aspack
Size: 7KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB