5c6b119c5fcb94e523a2aec0f72a1cf2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c6b119c5fcb94e523a2aec0f72a1cf2_JaffaCakes118
Size

161KB
MD5

5c6b119c5fcb94e523a2aec0f72a1cf2
SHA1

0a690d6c68fe37ed688f98068546ab54b840d30f
SHA256

46eaf29e4d942ea3d4be78eed01a60dfc8baca8b2339fad2125116d0b36e47a7
SHA512

e09fd936640f57f178d695cc95f1e73233f72c44390a45c6abc47ac59ec52ef3f7a97425693253706b7dd079a5435351cd10c955bd2212e4be86e8433303622d
SSDEEP

3072:/gbT2EbV812kJBdEeRHBva58OqanAPBIBG6HHj7qGX1CTYxIfgEKPYg7s:4X2zfdEe/O8OqjikEjGGXxygKes

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/keygen.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/keygen.exe

Files

5c6b119c5fcb94e523a2aec0f72a1cf2_JaffaCakes118
.zip
MagicMine7650.SIS
blzpda.nfo
file_id.diz
keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 24KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE