fdd978a5d05bb97d01df8ecb8a72285d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdd978a5d05bb97d01df8ecb8a72285d_JaffaCakes118
Size

541KB
MD5

fdd978a5d05bb97d01df8ecb8a72285d
SHA1

9baa822873a5c1c64a6f874d7defe4cb82dbbb09
SHA256

d29c82c18c14bd7aed67d9aafbae9c323fb07b3225de8400894ec73501d4c329
SHA512

c7ddd97cbfd8a4e24eadebd7b4dd1ea15b7e643f52f5876ee4b472a0bb024b0e8f5a0f61f1b3e047400f6064f2e7b0de85ebdeb9ee555326478708e81e456fd5
SSDEEP

12288:8Z6pzw6pFTOzTN/CF3Z4mxxA/zll/EpM/Mw:JjTOTN6QmXkzb

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdd978a5d05bb97d01df8ecb8a72285d_JaffaCakes118

Files

fdd978a5d05bb97d01df8ecb8a72285d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DllRegisterServer
DllUnregisterServer

Sections

Size: - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 314KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE