82e792fdfd62763be50836e1f5214d8d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

82e792fdfd62763be50836e1f5214d8d_JaffaCakes118
Size

598KB
MD5

82e792fdfd62763be50836e1f5214d8d
SHA1

55ccd6b51e2679eeeac6c762f07b913ab5031b94
SHA256

17ef4eab67b8f62ff854cd453ec4126d50ca84a140ed2155f33116fcd0e100a3
SHA512

8b02cb6449cf4cc32ed577530fc76be514b04f79fd6b8ba2ebce91b10fddda0cfd74dd44039e650ced5119c737c95f6f9482797359fbca0d5d2ec7e24ebfe257
SSDEEP

12288:T5S+S1tDhASSEmSuNWtliBkN2888888888888W888888888884MYZW1meyUGparL:T5yASSGupURMYZW1HGcffr

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
82e792fdfd62763be50836e1f5214d8d_JaffaCakes118

Files

82e792fdfd62763be50836e1f5214d8d_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 299KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 38KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 299KB - Virtual size: 832KB

Size: 2KB - Virtual size: 4KB

Size: 4KB - Virtual size: 12KB

Size: - Virtual size: 24KB

Size: 13KB - Virtual size: 16KB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 38KB - Virtual size: 76KB

.rsrc Size: 87KB - Virtual size: 88KB

.data Size: 153KB - Virtual size: 376KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 87KB - Virtual size: 88KB

.data
Size: 153KB - Virtual size: 376KB

.adata
Size: - Virtual size: 4KB