78ecdad49ddfca74f98d9457a1627198_JaffaCakes118 | Triage

Sharing

General

Target

78ecdad49ddfca74f98d9457a1627198_JaffaCakes118
Size

33KB
MD5

78ecdad49ddfca74f98d9457a1627198
SHA1

401b4fe59c6da738325ded58a0b94ff63d8d3a07
SHA256

a48a52f0cf3a293b6884bf44248f4a68a0a1273e95a43906160b9e1c85bb33f8
SHA512

da74675d9ba0fc80b6ad5c5a03bf3b130cb115263d689f546e6d0571f1778ff2d98f19927220239ebddbb4cfce2d1dfec6e2ee63dd48d6120cfac727e9857b63
SSDEEP

768:Edz0ufb9d5c6Eed2p7Y3HV+c54a4cjqF2myLoNkuMRo3BD+wyM/:sz0ufhDc0d2pa4sqF5k3RoV+wyM/

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/shmnview.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/shmnview.exe

Files

78ecdad49ddfca74f98d9457a1627198_JaffaCakes118
.rar
shmnview.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 21KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
南方的雨博客 - 原创技术交流博客.url
.url
必读.txt
新云软件.url
.url