738bf052d35baefbd0b9d936e26e6683_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

738bf052d35baefbd0b9d936e26e6683_JaffaCakes118
Size

593KB
MD5

738bf052d35baefbd0b9d936e26e6683
SHA1

f80c300996cacaca46a151140bcf74ab17de751c
SHA256

2c68e8cee069f64eca1cfd10a977bc5611e51b86540339be36f5cf88c048bd5b
SHA512

14c2dbbb71b19806dd2a78cb6b34f03ef9ba9e923bd82e4b9dc3925d96ef1b134921867d4db1e12998f752a39c29efb1c9d280f208189111f182c215d41f8b8c
SSDEEP

12288:Kok9Lumxa8LobvWg4M+GFuXJTcPJ3nvq3kVYY8Jh0fWrQX/H2NZV:KNQKQRWou2J3yoYJhIQ4Qn

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
738bf052d35baefbd0b9d936e26e6683_JaffaCakes118

Files

738bf052d35baefbd0b9d936e26e6683_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 330KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 123KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 28KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nbpack
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE