6133416ba88828774e91d42fb9d69cb5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6133416ba88828774e91d42fb9d69cb5_JaffaCakes118
Size

203KB
MD5

6133416ba88828774e91d42fb9d69cb5
SHA1

906b04157a1cafabbdd1a1a43e1b1efc639e03f7
SHA256

b4b269ed67d6886d1f4e2c13256cb68752cbd4879b9f64e1cad36346a9d53c45
SHA512

66c073df2f849204a6a0b5190e00ce67b14e4faf411ce294a07c9b1f2da0692faac6e358e0182c5ba44ad330d4d2ee1fe2b20def34585932f78d4ca4e4ddf2ae
SSDEEP

3072:0SNaT9/+sGsS/mCbpQ1tt1/Xda6l5Kw9mdQyfQbJ8AfXE3FO8YnNYJ07ToCIfr:JzpmCb2t1vdamvufQbJTU3FO821TW

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6133416ba88828774e91d42fb9d69cb5_JaffaCakes118

Files

6133416ba88828774e91d42fb9d69cb5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 195KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE