71ab3c31af8eb01fb93fd871ece63272_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71ab3c31af8eb01fb93fd871ece63272_JaffaCakes118
Size

276KB
MD5

71ab3c31af8eb01fb93fd871ece63272
SHA1

680b69b4f536b7311ea89a82b6dca3db626509ca
SHA256

d126ec21a977097b08c7886eff1c8458dfd2455f4f028379d3b8df060acdc364
SHA512

1c1f6099d50e2dc3fddc524f9714695f7183bc1f751ecce2f43f26b755710aa0fd59393b4fcc69c210617604cd922ba0df18b3a5d86c0aef5c2cdb6a3cd96705
SSDEEP

6144:P1N018LhQq1VBR/7PxjGfABTEBEqA+quYZKsfXC/:P12+XZ64BTEBa5fS/

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71ab3c31af8eb01fb93fd871ece63272_JaffaCakes118

Files

71ab3c31af8eb01fb93fd871ece63272_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 135KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 17KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE