5f92e1a3d211fb6cc477f125d123d413_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5f92e1a3d211fb6cc477f125d123d413_JaffaCakes118
Size

408KB
MD5

5f92e1a3d211fb6cc477f125d123d413
SHA1

ecee99798835842c8c8a38ec758c3445baad7c97
SHA256

b064d954677ac5155a9e2385499dd20876207e6c680be05c727c9218102d3b84
SHA512

c77ccdb94fbe08b93a276b85a06a28b0abf6554c96edf41a47e70cf579ef3013909db25cf4e78d27daf278e05eb731b41383a22ff9a1105a9b83754357bcac58
SSDEEP

6144:ffLL6t6X5F9UlF2idZecnl20lHRxp3g9MvvXwWQOISEi0sR572MOCX2Sfq1a53lx:XLm25F9UvF3Z4mxxemXQxli0s8NBWqg

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f92e1a3d211fb6cc477f125d123d413_JaffaCakes118

Files

5f92e1a3d211fb6cc477f125d123d413_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 21KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 57KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 328KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE