a812f8e2e9e4e19c2cfd6579a5685ad4_JaffaCakes118

General

Target

a812f8e2e9e4e19c2cfd6579a5685ad4_JaffaCakes118
Size

283KB
MD5

a812f8e2e9e4e19c2cfd6579a5685ad4
SHA1

df6332a4b88655c2fefb95fa611acbd68c76e764
SHA256

ffc3a4d4d21f57b4b5dca06d017b6b6c027411dd87b6348daf1837663f9c774e
SHA512

85627807b7f8da33ae79c9e29d2bb71cefa1d533eb284832c95dacebc13897c8c4bd58b757288ec3a2ba5023c0b07779b0b3ab21527ad468611beeb97a45f01e
SSDEEP

6144:V+n1DyNEvLL9gPVJDlQzh9Wg131TmtgMcbWNh96:E1uWTL9gPVJD+9WQ3wKM9H9

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a812f8e2e9e4e19c2cfd6579a5685ad4_JaffaCakes118

Files

a812f8e2e9e4e19c2cfd6579a5685ad4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 146KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 106KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 332KB

.data Size: 106KB - Virtual size: 232KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 28KB

.reloc Size: - Virtual size: 24KB

.aspack Size: 21KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

.text
Size: 146KB - Virtual size: 332KB

.data
Size: 106KB - Virtual size: 232KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 28KB

.reloc
Size: - Virtual size: 24KB

.aspack
Size: 21KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB