fa3798c36dc3a7c09bb906c1546bc07c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa3798c36dc3a7c09bb906c1546bc07c_JaffaCakes118
Size

535KB
MD5

fa3798c36dc3a7c09bb906c1546bc07c
SHA1

65c3061fed864b7aa9da4859ae330c31c751772c
SHA256

252bcefb074d30c08f281ea4f6a615854518805c2155f8f79a14e02acdeb8dfc
SHA512

34b84fb5099a14308641a20a9a3476d08853ca5103fc2013558603cfd64f486aa348adfc63ad1aa18eb8320d83bb85e9a3292ec561a803f8d13ff3e643f3c152
SSDEEP

12288:XTa7kfHSTvZ0fIwl6JX3AI5DoSezGJB8z5iia63Wfsh/STLPe9lY7m8Pd4:XTaofHSTvhwSXrLezG78dn1WeSTre9lz

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa3798c36dc3a7c09bb906c1546bc07c_JaffaCakes118

Files

fa3798c36dc3a7c09bb906c1546bc07c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 388KB - Virtual size: 724KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 62KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 48KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE