83eb25b27eeb2b2866b04d5d89f3f770_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

83eb25b27eeb2b2866b04d5d89f3f770_JaffaCakes118
Size

28KB
MD5

83eb25b27eeb2b2866b04d5d89f3f770
SHA1

3fb17f402c4ef0e1fb50c8850c772db430b1fa63
SHA256

9623fb7229dc0aa2bd57d209809a625aecdcc764d1c70c55aa0d98dcff5efe61
SHA512

d50de21edc3be14e4566f24823d1badca12490d1a4e7170c9f7e5120a999374b3bac495a1810add6c9a8d7d6c90b3fee882cd1369130c1f1b641d17579cadde3
SSDEEP

768:q416IQEJHC1s1LUynQPSXhFqGIwPijgxwxHha5G:qY6IQAKs1t9PPiKu

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
83eb25b27eeb2b2866b04d5d89f3f770_JaffaCakes118

Files

83eb25b27eeb2b2866b04d5d89f3f770_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Install
InstallService
Remove
RemoveService
ServiceMain
SetNew
SetNewString

Sections

.text
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE