fd756bb3ac04d5f52c17fead764edcaf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd756bb3ac04d5f52c17fead764edcaf_JaffaCakes118
Size

74KB
MD5

fd756bb3ac04d5f52c17fead764edcaf
SHA1

30c9922f8b67143e0d64fc3e16581bc0d4d946e4
SHA256

6331f1c584826b8f468f3c33ac0a6813953ac5acc024c1b29d46051abd20a329
SHA512

811a5a6d3536f19c47441c4fede02afd76d2bb31b168a31c057f666c75f7ccb44b1dde11892128fa49e3544972bef9ea0a5be559aa1877bc028ff19a0ceca2a8
SSDEEP

1536:DI3SkuvfZ/Auwo+UsRn6z2nQlmBQ4afVS1+:DJxvfGki6z2ES

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd756bb3ac04d5f52c17fead764edcaf_JaffaCakes118

Files

fd756bb3ac04d5f52c17fead764edcaf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zdata
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE