b82799da2ba769460e743cdbc524c985_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b82799da2ba769460e743cdbc524c985_JaffaCakes118
Size

500KB
MD5

b82799da2ba769460e743cdbc524c985
SHA1

107614a695c6ab314f86168198036383dd512620
SHA256

91cf6abbb63898a2d6ede48af32d568402ad280d8e79de1e57ca4efef40ce04f
SHA512

8f1463ea4390627c87fb204c2b0c0bc2a676dd9421e508dfa85908f1eaf3b20fde8024cf06d3f4db148d38c73581499b25f99713e844464352c6adb20c7542de
SSDEEP

6144:p1gUYafH+GoukVmu7ub2kU8xN7O555Q/zVVPoNFUQI6fhIOvVvL4h+4KMEQk5rey:EUPH+Gosb2kzOVQ/Bpg0vOvVv+S+Zo

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b82799da2ba769460e743cdbc524c985_JaffaCakes118

Files

b82799da2ba769460e743cdbc524c985_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetNewInf
GetNewSock

Sections

.text
Size: 324KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 27KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE