d1e03e421a4440a355a2fdb117a7d346_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d1e03e421a4440a355a2fdb117a7d346_JaffaCakes118
Size

1.1MB
MD5

d1e03e421a4440a355a2fdb117a7d346
SHA1

d1b5e1da81af86d9b376cf70347cadf8b38477db
SHA256

47080d31fdc3ca336ef7669ffb056ade0ff69353c6798ac4a4de51546f208e57
SHA512

7e32865634fcd368fe0401d5e8359809747feb9c4f0716f8561b780b44bb1928cdd507fc7c8ee3a12e241242d218c6a30ffc273b436cea3543b5b6b441757ef6
SSDEEP

24576:HFjvqYD3F0Aa32yyXk0tKRKcOitHMx6Z9MeKFV5/BcfDc+yrBmTH:HFjvJD3Cl2E0tKRNHQYMpFbSrImTH

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 3 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/��1-ǿ��Ƽ�QQLog.exe	aspack_v212_v242
static1/unpack001/��2-QQMsgShow.exe	aspack_v212_v242
static1/unpack001/��3-��鿴QQ��Ϣ.exe	aspack_v212_v242

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/��1-ǿ��Ƽ�QQLog.exe
unpack001/��2-QQMsgShow.exe
unpack001/��3-��鿴QQ��Ϣ.exe

Files

d1e03e421a4440a355a2fdb117a7d346_JaffaCakes118
.cab
��Ľ��취-��.jpg
.jpg
��Ľ��취.jpg
.jpg
��1-ǿ��Ƽ�QQLog.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 117KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
��2-QQMsgShow.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 100KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
��3-��鿴QQ��Ϣ.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 317KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 43KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
��ô��.txt
��λ�ȡע��.txt
ʹ�ð��.chm
.chm

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 117KB - Virtual size: 240KB

.rdata Size: 18KB - Virtual size: 60KB

.data Size: 3KB - Virtual size: 28KB

.rsrc Size: 176KB - Virtual size: 288KB

.aspack Size: 27KB - Virtual size: 28KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 100KB - Virtual size: 208KB

.rdata Size: 12KB - Virtual size: 44KB

.data Size: 5KB - Virtual size: 40KB

.srdata Size: 4KB - Virtual size: 4KB

.rsrc Size: 26KB - Virtual size: 128KB

.aspack Size: 70KB - Virtual size: 72KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 317KB - Virtual size: 696KB

.rdata Size: 43KB - Virtual size: 148KB

.data Size: 4KB - Virtual size: 32KB

.rsrc Size: 44KB - Virtual size: 52KB

.aspack Size: 27KB - Virtual size: 28KB

.adata Size: - Virtual size: 4KB

.text
Size: 117KB - Virtual size: 240KB

.rdata
Size: 18KB - Virtual size: 60KB

.data
Size: 3KB - Virtual size: 28KB

.rsrc
Size: 176KB - Virtual size: 288KB

.aspack
Size: 27KB - Virtual size: 28KB

.adata
Size: - Virtual size: 4KB

.text
Size: 100KB - Virtual size: 208KB

.rdata
Size: 12KB - Virtual size: 44KB

.data
Size: 5KB - Virtual size: 40KB

.srdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 26KB - Virtual size: 128KB

.aspack
Size: 70KB - Virtual size: 72KB

.adata
Size: - Virtual size: 4KB

.text
Size: 317KB - Virtual size: 696KB

.rdata
Size: 43KB - Virtual size: 148KB

.data
Size: 4KB - Virtual size: 32KB

.rsrc
Size: 44KB - Virtual size: 52KB

.aspack
Size: 27KB - Virtual size: 28KB

.adata
Size: - Virtual size: 4KB