b35cd39d4d132e5fdd1561644f1d7f4c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b35cd39d4d132e5fdd1561644f1d7f4c_JaffaCakes118
Size

53KB
MD5

b35cd39d4d132e5fdd1561644f1d7f4c
SHA1

c250277669c65a5a8ca6af6676b94a7c0af8826a
SHA256

994302eb33e3da38c27165b7ee9166f880faf46e353d4f21ae5d4d2f832494b0
SHA512

85c789e69643aae65c429956add19c72e79ef2d3114ec62e4238339c33c39cbfd2a6db761c95b003e74eab68d8e6699e8b6e5e810e8ad820019a131d48d5d260
SSDEEP

768:N/EdeVWoFxMq08vcGz+eIPKjKsiYiReftGZ4m7ai5zqqhdGlT18RuvTx2wexIdeV:N/R108EBKY4fU6m7p5zqYiaobz

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b35cd39d4d132e5fdd1561644f1d7f4c_JaffaCakes118

Files

b35cd39d4d132e5fdd1561644f1d7f4c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.jcrkt
Size: 37KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ynkn
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdwryl
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE