6985c723d10392741cc49b46e4ecfbce_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6985c723d10392741cc49b46e4ecfbce_JaffaCakes118
Size

42KB
MD5

6985c723d10392741cc49b46e4ecfbce
SHA1

c151ca99172015bcbd4ccdd03d5e242d79db5c24
SHA256

350063a81e0406ed853a2228f7462542f79af37f0625e30c3e18a6cda98d1ad1
SHA512

ffe10367880b9039a6b2dfc92a6b204cc78b6a639ee72562369112b3693b2fb792eb0a7a93072fc7d70eb45c6242ce966a9f371d1e60adb5ef0974419906f5c9
SSDEEP

768:NesV3c8NVA0f42UKp1JorSbgxaldhpPxzha5A:TMU9ww1JoX2d3t

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6985c723d10392741cc49b46e4ecfbce_JaffaCakes118

Files

6985c723d10392741cc49b46e4ecfbce_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 15KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE