613bb4f1062b1294f0b3e5ee7340c609_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

613bb4f1062b1294f0b3e5ee7340c609_JaffaCakes118
Size

428KB
MD5

613bb4f1062b1294f0b3e5ee7340c609
SHA1

fe15e35de34094668b1a7e752dd7c2e58f3724bc
SHA256

9f6c47acd35c9284186c855c921309461291ed2490d54bcbf0425e08a4b3d8df
SHA512

0e4ee3a10f5d8d682a6cdfdb07edc85cef69f67cc99a7dc1f0e487f3e508b1c00e7e3dca947ea5d26a9489ebb066fa1bd1467c51eb80af1d1da3ac307eb7eefe
SSDEEP

6144:X6jUIqYXHIljBeCRBBrU1PFMTps57wkq81/0pO:BiamHMTUEkv1/0

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
613bb4f1062b1294f0b3e5ee7340c609_JaffaCakes118

Files

613bb4f1062b1294f0b3e5ee7340c609_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 67KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 55KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE