84d41ae9931ebc2d6c472e0d7d11132b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84d41ae9931ebc2d6c472e0d7d11132b_JaffaCakes118
Size

36KB
MD5

84d41ae9931ebc2d6c472e0d7d11132b
SHA1

48ed19d7cb08e58ed109ee36efb992fcea676112
SHA256

bbc056f737040f811674a8dfcca0aa1dd64e0360a1cc4dff96508fa580fcc6fc
SHA512

7e1790031a326e014b51a788a3cf990fb1568754db5cb896a35effba70f4090f716fb5350d980d3122f6bf674b213ef3597290f045bbac1bd8a9ca4355f500d1
SSDEEP

768:xrdgLPPJtFrCZ0syWNJScICnWa0xDabJGC39nz0fJG1Jx8LoIme:BG9td20mNMcIr4bJGC3lz0fJPd

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84d41ae9931ebc2d6c472e0d7d11132b_JaffaCakes118

Files

84d41ae9931ebc2d6c472e0d7d11132b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE