c1d4c958e4cb844d769cbc3cd1650ccc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1d4c958e4cb844d769cbc3cd1650ccc_JaffaCakes118
Size

32KB
MD5

c1d4c958e4cb844d769cbc3cd1650ccc
SHA1

851cbed2bce1e60101791faeec3113b415b5d610
SHA256

cf85cd3116ee86c06d9943bfb3ce38e899a2e1198754632cdba4c972506875f0
SHA512

72a3b5c5a0f27d7a72256e0d81bd28a282c6dc6af924f57295a9ccb1b01ec732cfa6316147b85b4609e0e34765fa7b5066177ac25ca96d38accdcaed58b1751d
SSDEEP

384:RUNg78WLhFe03v7vU+CsIIe2svEzt36qb3leIzhh60rS3qu0q8NOHAxur6+e9PfW:GWLi037U+5IIeopz3MQ+3AxBha5

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1d4c958e4cb844d769cbc3cd1650ccc_JaffaCakes118

Files

c1d4c958e4cb844d769cbc3cd1650ccc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 21KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE