dd97bb83e3de2c367f710bf08d6e0beb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd97bb83e3de2c367f710bf08d6e0beb_JaffaCakes118
Size

128KB
MD5

dd97bb83e3de2c367f710bf08d6e0beb
SHA1

166541c526c83f57fbd0df84ee2e3d0140ac3a92
SHA256

3ec229e7e23a8f4b4ab1d72159af51301d2e852dc93cd02dba0e1a3bba26f33c
SHA512

a7ab35d0f1aaff08b0d37e2954873dd102087190ba436be64600ec50298fdd7d1d601b96fa28f980adfad95c1b46a04ded07cd0bec9aa8d87727a10c13320a4a
SSDEEP

1536:R4kqDE+8YZa+PNlJs3OP9ykrZNyKKfuwCYTiMNV7KQvkIrdsklTjGk8i5ECJHD8V:R4kgEJYZxPaEUkrv5YlvJrHlG+ECJHE

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd97bb83e3de2c367f710bf08d6e0beb_JaffaCakes118

Files

dd97bb83e3de2c367f710bf08d6e0beb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 65KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE