ea1da1692fce577e8b2ab5d6e3c2edf3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea1da1692fce577e8b2ab5d6e3c2edf3_JaffaCakes118
Size

290KB
MD5

ea1da1692fce577e8b2ab5d6e3c2edf3
SHA1

4d22b6046337d18d598db43864ad2dd895bb2579
SHA256

743e4ad4fa947997392b9ad469066e3dfe8ae9ad960b9d1345c4e57f14ba3a55
SHA512

66faf5511b77f66c53a9a90f264106aaf2575922f6d20cd87055c7f200f5c0266012e8f5ecfac08a525155159a6ae757f9985a47d550387aad4450b82bdd6b25
SSDEEP

6144:UGgzMbYIJ9Ai+/5GYN+U3eYLMVCHpp53q1GVQXDx:UZ1UAi65p3/MCpq19zx

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea1da1692fce577e8b2ab5d6e3c2edf3_JaffaCakes118

Files

ea1da1692fce577e8b2ab5d6e3c2edf3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 20KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 223KB - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE