a6bfe210a97510265e8fd912a8b749ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6bfe210a97510265e8fd912a8b749ab_JaffaCakes118
Size

64KB
MD5

a6bfe210a97510265e8fd912a8b749ab
SHA1

a96d95668eb60e5cd8a16a073b8823dc241a0038
SHA256

a52012455ae33d89f3a8504aad132f368480ca211e3989fd464d18c4c9aaf8b2
SHA512

0cce67db402b243c2d128b016fc98d3db391c5260566ececd72456d7fd9ea117474eda880e715185d2ad7cfcef92134768d5e552edafe3cd0410e0af4e1ac81e
SSDEEP

768:lSuO+DzbAElfs5y9geW1WKLHu37Ku2gVYxnha5:vDRl05yJW1WKu37Kv+2

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6bfe210a97510265e8fd912a8b749ab_JaffaCakes118

Files

a6bfe210a97510265e8fd912a8b749ab_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 12KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE