b154e7e69b7167723b4bb3f847de968d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b154e7e69b7167723b4bb3f847de968d_JaffaCakes118
Size

88KB
MD5

b154e7e69b7167723b4bb3f847de968d
SHA1

68c9fb7d9297dd0f67fca05ddf4f4945b92ede51
SHA256

4e9067641114934ab5bfaf179b6c5c2e7391837a7d6988a7c1b9f6df8f8f9cf2
SHA512

9a310274cef0d0f4eec27f499445e96324b0dc5a8331963c6a834bf1c6460bca0353aa3f82536b9b97f7698056979f0f879c5c8892d85c113f361603a210b8af
SSDEEP

1536:DthkERQx779GAQ/Pu5unQNZDx1+09BTc1b8n01S6LxU3Wvm:JhkeQu/msQNZOYT0ba01S6tU3Wv

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b154e7e69b7167723b4bb3f847de968d_JaffaCakes118

Files

b154e7e69b7167723b4bb3f847de968d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

InstallService
ServiceMain
UninstallService
installA
schedule
uninstallA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 942B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE