d9e1c2b85e063cc78ea37bf367c2585a_JaffaCakes118

General

Target

d9e1c2b85e063cc78ea37bf367c2585a_JaffaCakes118
Size

283KB
MD5

d9e1c2b85e063cc78ea37bf367c2585a
SHA1

34388408d7bf0246b7f94e52f100b58fa6d67bcb
SHA256

ff5044933a3a69c71fdddebffea912beef4d39692f927104f65eecc095f81991
SHA512

22dd5b64002fac95dfc341380a07acc53f5a4b24612136f74e93471037f61383bd5171c36b16b6b025cc0832c640ad2e80c78d1bf66ced16c6bb88b1d7cccba1
SSDEEP

6144:KNjbXiecvxn+aC1meyUGimMuzsch6JJrI+k1:gnXiNW1meyUGph6h+

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9e1c2b85e063cc78ea37bf367c2585a_JaffaCakes118

Files

d9e1c2b85e063cc78ea37bf367c2585a_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 37KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 198KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 15KB - Virtual size: 48KB

Size: 1KB - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: 37KB - Virtual size: 44KB

Size: 512B - Virtual size: 4KB

Size: 4KB - Virtual size: 8KB

.rsrc Size: 25KB - Virtual size: 28KB

.data Size: 198KB - Virtual size: 420KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 25KB - Virtual size: 28KB

.data
Size: 198KB - Virtual size: 420KB

.adata
Size: - Virtual size: 4KB