006c63e0ea8cce38fffac82d33a511a9_JaffaCakes118 | Triage

Sharing

General

Target

006c63e0ea8cce38fffac82d33a511a9_JaffaCakes118
Size

43KB
MD5

006c63e0ea8cce38fffac82d33a511a9
SHA1

b30fbffccc3a2394956c81c5d82644ed9c3188b6
SHA256

fa3d2ca09c176b72f8ee36c720b43b7b49f191703b0a4d3becf6cff99cbe0e28
SHA512

ba05b03e78655057d8ce5558a63a858e1912f3fdcda62760ea9d042b42d41c79326d9a51f3ae66abcb185ddf3fc37ccd7ebd10e7f0de88e776e7d6052aeb42d5
SSDEEP

768:/RVKWMlKz9eplh7DiVhBup1y0ERLlmvRWXExCha5x:/KlWYpfDiVc1y0QhmvRWXpo

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
006c63e0ea8cce38fffac82d33a511a9_JaffaCakes118

Files

006c63e0ea8cce38fffac82d33a511a9_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 17KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE