6152acf4ee7787ef9ac5739e5513919b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6152acf4ee7787ef9ac5739e5513919b_JaffaCakes118
Size

303KB
MD5

6152acf4ee7787ef9ac5739e5513919b
SHA1

3b4090d02a0909fa1c7a27c3bf35c1d0e548cbfe
SHA256

f17a82ff14eabacdfcafdf55144d0b7b631bf4e3c8d67fd15975df2e20031033
SHA512

ddcc9ea0c10942069fc2aff9757506bacc34f6c89fdabf708b579ddfb1fd1786656fa098a7b695af1a73646fb07a61c059bd25ee59f2ee3e9ce925ab25f53c84
SSDEEP

6144:/zYf/twW7Tv0zYm6JzKHdYnHGX+BE/49de5/A+L6gglYDcTpv1Vp22V:/zO/qW7TszqlbH2+BE/Ua/A+LhwYDgpF

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/GGRadio.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GGRadio.exe

Files

6152acf4ee7787ef9ac5739e5513919b_JaffaCakes118
.rar
155绿色软件站.url
.url
GGRadio.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 211KB - Virtual size: 444KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 41KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE