73ff1978d2f8a34a5e5bd29b9c9a5629_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73ff1978d2f8a34a5e5bd29b9c9a5629_JaffaCakes118
Size

1.2MB
MD5

73ff1978d2f8a34a5e5bd29b9c9a5629
SHA1

29e92c4c23e2c2b2ffee2a6241ba44a384c9a0a2
SHA256

1aa206d25a7e2db79f0c8bff8f1e12d9619cc800c56c5c135e0a3b705f1cfd7f
SHA512

59540ca2c09a878022fd4768c4f93fd1f1798625c1354830661afa2fbb7eb928e1f26671f1130496d92ce37e6bc9cf7880f37c2bd4b4de00cff3e332f93ec1b9
SSDEEP

24576:SRRzrSDkaoiPBB+98o1IiwAvb7QdnuEsLGyow5HGPowcP0lp:SRkDkrDwMGnuEsSPwWlcU

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73ff1978d2f8a34a5e5bd29b9c9a5629_JaffaCakes118

Files

73ff1978d2f8a34a5e5bd29b9c9a5629_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 880KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 111KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 119KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE