b07321517ce44970e2d7a59c9a31b12c_JaffaCakes118 | Triage

Sharing

General

Target

b07321517ce44970e2d7a59c9a31b12c_JaffaCakes118
Size

228KB
MD5

b07321517ce44970e2d7a59c9a31b12c
SHA1

b47d46d5e4a935813cda9f610d30130a9a2d2553
SHA256

377531b63769cfdd132d9eacdc2e6d614471469f1b6027a4dbdf26e8b4444963
SHA512

96a6d7a6cc5d0fcb559bea301c1e42c837ef772cee42d2733f4b1db2941615a56357a1340b65db805575da6da73e6bda44eb8b31f0e63f0759f1b28a36add3f3
SSDEEP

3072:lfdGS9YM8SnzTEnuU2OYyDiqwkw2GlAwVCLL5iPuxqKf3EB97:lfdGSqLczTEnt2OYyDpwmGlLo5MKfq97

Score

7^/10

aspackv2 upx

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b07321517ce44970e2d7a59c9a31b12c_JaffaCakes118

Files

b07321517ce44970e2d7a59c9a31b12c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE