b75f4a54b299908c99ee80babe572b71_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b75f4a54b299908c99ee80babe572b71_JaffaCakes118
Size

524KB
MD5

b75f4a54b299908c99ee80babe572b71
SHA1

45d09f8e05fe6aa924a56227accff668d56e87b0
SHA256

c2d0429ea6c60c153ebbbf19ff79dc21d73767b57dc5a1c71d3df94c7cb36e51
SHA512

eb85ad4193a0de40c9c9547bded6c2e1654b979b801dbf258c01b0abcde1f30e70fb3d52988fe947fef21d2f0a1a71a8a6f45a2cedb91be16687f74d1bb99355
SSDEEP

12288:++56FmYttm87YBW64yA/jn1iPBnhHDiM2gFVV3HafEIoqN5jpxwt5:+ogz3YIXSRhHDiM3VuEIogr2

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/诚信通信息重发器/Rsend.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/诚信通信息重发器/Rsend.exe

Files

b75f4a54b299908c99ee80babe572b71_JaffaCakes118
.rar
诚信通信息重发器/Readme.txt
诚信通信息重发器/Rsend.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 303KB - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 157KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
诚信通信息重发器/Rsend.mdb
诚信通信息重发器/UpdateLog.txt
诚信通信息重发器/alirsend.jpg
.jpg
诚信通信息重发器/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 303KB - Virtual size: 792KB

DATA Size: 4KB - Virtual size: 12KB

BSS Size: - Virtual size: 8KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 64KB

.rsrc Size: 157KB - Virtual size: 536KB

.aspack Size: 30KB - Virtual size: 32KB

.adata Size: - Virtual size: 4KB

CODE
Size: 303KB - Virtual size: 792KB

DATA
Size: 4KB - Virtual size: 12KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 64KB

.rsrc
Size: 157KB - Virtual size: 536KB

.aspack
Size: 30KB - Virtual size: 32KB

.adata
Size: - Virtual size: 4KB