71af2c1ce4de0bccbd800d420a7c6052_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

71af2c1ce4de0bccbd800d420a7c6052_JaffaCakes118
Size

300KB
MD5

71af2c1ce4de0bccbd800d420a7c6052
SHA1

8ba4fd523ae5f05d78754f1cf067e569ddf85d8f
SHA256

9127407129ecfb33ccb47ff102533db8cd9d1f4163faac12537990cf08575aa9
SHA512

ce511a3e5402162eee5cf23e143fa24e0ef433fa5035f041a606817bf0178524a1a4b1e3224d5c503051fd843fe13fcafbf8eeec69e2d96411cbd24f59a2fcf6
SSDEEP

6144:35of7hGiUzKHGfF0l0nyc8PXwUWOpc5qz6BIFjRags5HhtJtU/8M:af7hQuwpT+A75OrDBsrDm0M

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/375226985/Project1.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/375226985/Project1.exe

Files

71af2c1ce4de0bccbd800d420a7c6052_JaffaCakes118
.rar
375226985/Clear.bat
375226985/ClearDCU.bat
375226985/Project1.dpr
375226985/Project1.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 262KB - Virtual size: 680KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s5
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
375226985/Project1.res
375226985/Unit1.dfm
375226985/Unit1.pas
375226985/Unit2.dfm
375226985/Unit2.pas
375226985/Unit3.dfm
375226985/Unit3.pas
375226985/guest.mdb
375226985/sFormUnit.dfm
375226985/sFormUnit.pas
.js
375226985/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 262KB - Virtual size: 680KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 52KB

.rsrc Size: 13KB - Virtual size: 48KB

.s5 Size: 9KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

CODE
Size: 262KB - Virtual size: 680KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 52KB

.rsrc
Size: 13KB - Virtual size: 48KB

.s5
Size: 9KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB