6567b386983a20b83ae0796abce50fb6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6567b386983a20b83ae0796abce50fb6_JaffaCakes118
Size

1.5MB
MD5

6567b386983a20b83ae0796abce50fb6
SHA1

43f72e59ec3c4cfe07e224beb73be70b363add8d
SHA256

a2150a54e7c81689c711f392f698565e44ee89945a0bcf5defef8b08087812a5
SHA512

aeccfb0c0f7e021730311cf1ecf6595af2580729e093af7591bac8b0d83a03328f260f036f3d8412022ab1abddab31bff26ea7ba174893f443ed54f4d9717622
SSDEEP

49152:s+A7Zm1ACKnAhVO5Vie1ClEJ9JBBXuUS4:qA1NKAhs5Vi3QVX

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6567b386983a20b83ae0796abce50fb6_JaffaCakes118

Files

6567b386983a20b83ae0796abce50fb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 137KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 279KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE