83f08221b87b268de9621ba9b3fde3a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83f08221b87b268de9621ba9b3fde3a0_JaffaCakes118
Size

367KB
MD5

83f08221b87b268de9621ba9b3fde3a0
SHA1

f78fc024200b634f70da447ae3422763d5a7cec7
SHA256

934f62bf14dc538f579987bf3e4551fdd6cd510aa280e4d31d1cb5c2b1cc2657
SHA512

f18d8b3bde0f8837a466db6975d7b00593bd22cc5492bba9eb3f424e5c789d9d704b8a9088bcc94d6b9899642af576dd0c69c9485fce7a2d8de093c738301d17
SSDEEP

6144:RhXS4cKPCyqNEgH/xDS9+A0hGV1GL2BHK1iBOWeuHlYUImYe8twfbnMhi4DQ4Oht:RhC4c2CZfxDY+A0hGe8H7euopepMu4Xi

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/webLinkTest/webLinkTest.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/webLinkTest/webLinkTest.exe

Files

83f08221b87b268de9621ba9b3fde3a0_JaffaCakes118
.rar
webLinkTest/data/DefButton.bmp
webLinkTest/data/fMain_Edt1.ini
webLinkTest/data/fMain_Edt1_Link.ini
webLinkTest/data/fMain_Options.ini
webLinkTest/webLinkTest.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 324KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
webLinkTest/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 324KB - Virtual size: 848KB

DATA Size: 5KB - Virtual size: 16KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 64KB

.rsrc Size: 15KB - Virtual size: 72KB

.aspack Size: 29KB - Virtual size: 32KB

.adata Size: - Virtual size: 4KB

CODE
Size: 324KB - Virtual size: 848KB

DATA
Size: 5KB - Virtual size: 16KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 64KB

.rsrc
Size: 15KB - Virtual size: 72KB

.aspack
Size: 29KB - Virtual size: 32KB

.adata
Size: - Virtual size: 4KB