d5ac91deb8fee3bf250fcd0b74e02dc4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d5ac91deb8fee3bf250fcd0b74e02dc4_JaffaCakes118
Size

849KB
MD5

d5ac91deb8fee3bf250fcd0b74e02dc4
SHA1

6c357e9a1645cb32ff29c46481481cc3e9989c7b
SHA256

5b62e48284ff19dc3123b305131e9f81ac73ec70a4ac04f159b94cc3eac4ef87
SHA512

f69bab798ed661a094b99c69957e7c3f1cd5b1ac4a62ff2693dc88c1e61e8ed8d6f9c3f7abfd5f721dfb29fbd6e398d423ebc748689633b83c1dfad0e25e05ef
SSDEEP

24576:AdMds7WN7aFLBrPHzGYr9ZOkdQoq4iTVijaeFYT/p:Amd/NGxBrXRZtMVZeKN

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5ac91deb8fee3bf250fcd0b74e02dc4_JaffaCakes118

Files

d5ac91deb8fee3bf250fcd0b74e02dc4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 671KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 112KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 26.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.freest
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE