8a4d5f6fb0e516843fe41402ee221458_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a4d5f6fb0e516843fe41402ee221458_JaffaCakes118
Size

379KB
MD5

8a4d5f6fb0e516843fe41402ee221458
SHA1

9125a32d6b19f8bb68ce1ecf5649bbd374b2afdb
SHA256

029b747fa1ca03a8a769b5bd75256ec71164f09420bbc2d7c8e371ca2d80e710
SHA512

cbb116e50b736a2ac8600dd49ce8d0371c452c4f1a9f4c8d867af0a76526449be1bef9aae6c1083eab23aab4859c197629de9b4cb4d9b512e2f7aa9341dc349d
SSDEEP

6144:jnrp9eh7nShQDW3nkKQ6TcdnAJQke7+VZ6NsO7Yxri/qctKerKOMrUkqdgJ:jnfeh7zcNTEnAJQkPAuO7Yxri/qiK6yU

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a4d5f6fb0e516843fe41402ee221458_JaffaCakes118

Files

8a4d5f6fb0e516843fe41402ee221458_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 351KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE