ee8ee972f1266c30a64973fbbe927095_JaffaCakes118 | Triage

Sharing

General

Target

ee8ee972f1266c30a64973fbbe927095_JaffaCakes118
Size

21KB
MD5

ee8ee972f1266c30a64973fbbe927095
SHA1

800b4e3421cc564d81f291beaeb2c49f235f708e
SHA256

42146116d6278740c818c589bc3116f7669d023de25f3c5d1a14ac6a09cacc76
SHA512

b9f66c76d8ccbba4d8979952089761e51ad70d318272999ddd9a59bc27b1d4c0ec54f49efd1b1960390c74029a1b3742fc7f1c86b328ecc925d8104b60466849
SSDEEP

384:UmhXEV1mNMZ8wGW5SEYFdctSs3xKdxoBpi8Tj04JGu+Axnr6+I9PfYUDQ:UoXImwGW5ydcn3xKdxcT304JGuJxGLoP

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee8ee972f1266c30a64973fbbe927095_JaffaCakes118

Files

ee8ee972f1266c30a64973fbbe927095_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.matrix
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE