69b276a6dcc2564ee86ae489747cb046_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69b276a6dcc2564ee86ae489747cb046_JaffaCakes118
Size

781KB
MD5

69b276a6dcc2564ee86ae489747cb046
SHA1

e944f1fe456e496b1bdd82de3dda715b63d78085
SHA256

5c2d701c7aeb9aff4970dd0857a43a5d26c9016de2d683522a59a99c8ba9dc0a
SHA512

d9383156ce03700955d93776268087ad2fb3da9804775cb5de80d71e1f3379c2ac8e83d025f823b184706d2fb4d0116d30a26f0cab22d157c36a42cd0ccf678b
SSDEEP

24576:1wtBAhaEE9Ca2FUBrvOktLAAwKcU6pdfR8ZU:2D6fO72FcO8LxwokRUU

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69b276a6dcc2564ee86ae489747cb046_JaffaCakes118

Files

69b276a6dcc2564ee86ae489747cb046_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 442KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 315KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE