c96ca2e84e1b1ea0c19f13e19e5c7728_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c96ca2e84e1b1ea0c19f13e19e5c7728_JaffaCakes118
Size

3.5MB
MD5

c96ca2e84e1b1ea0c19f13e19e5c7728
SHA1

85502ad2c34aedee1c30075bd7dd77e11da0a124
SHA256

d104fdcf507cf11b44deb95786eb9b414aa921ef80572f7026ba5cb2caa9f456
SHA512

0b9284bf471f8542d90f19a5c884f47b73e7f077a265c97efdf76dd3880b8bd7e54a15d6e339455af08e621dd5b5b632dec6a1cdc8ac7a71f678bd48313c9740
SSDEEP

98304:7DaNd04LLI+3usZqBZqz+6eDxoAbzgv9ND+iGinS6u1:+LI4sBZU+6eDCA/INDDGiSL

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c96ca2e84e1b1ea0c19f13e19e5c7728_JaffaCakes118

Files

c96ca2e84e1b1ea0c19f13e19e5c7728_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 2.5MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1005KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE