01dd1a0af1a75c28e76ea880f18e84ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

01dd1a0af1a75c28e76ea880f18e84ba_JaffaCakes118
Size

193KB
MD5

01dd1a0af1a75c28e76ea880f18e84ba
SHA1

9dd72fef3d38b8d6441ad65a13daad20aa29d7be
SHA256

a658a8d181c0dbd7a7ab1d8e01ea42d91d553af309da36f4647a4005af0dffcb
SHA512

0ded969821a9d6448f86101fc32aee507a3bbb6d1f351b14cb8dc695fc134d034953966edd23121e96ed31c3051e73ed359f5ffdd9726aa208cdcf28ad2b9466
SSDEEP

6144:xYUYQlK56N8qJhXXTuGCRMjwronKNG4NGo:xYUVyC8qr9CRMeonKNNp

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/SmiLe Hook v2.3/SmiLe Hook.dll	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SmiLe Hook v2.3/SmiLe Hook.dll
unpack001/SmiLe Hook v2.3/SmiLe Hook.exe

Files

01dd1a0af1a75c28e76ea880f18e84ba_JaffaCakes118
.rar
SmiLe Hook v2.3/SmiLe Hook.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CreateInterface

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.007
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SmiLe Hook v2.3/SmiLe Hook.exe
.exe windows:4 windows x86 arch:x86

370d0f76b9674f7617a648057b9b101c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
OpenProcess
CloseHandle
SetThreadContext
ReadProcessMemory
SuspendThread
Sleep
ResumeThread
WriteProcessMemory
VirtualProtectEx
GetThreadContext
GetProcAddress
GlobalFree
CreateRemoteThread
ExitProcess
LoadLibraryA
FindFirstFileA
GetWindowsDirectoryA
SetFileAttributesA
TerminateProcess
CreateProcessA
SetCurrentDirectoryA
DeleteFileA
GetModuleFileNameA
GetModuleHandleA
GetExitCodeThread
WaitForSingleObject
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStrings
GetOEMCP
GetACP
SetEndOfFile
GetStartupInfoA
GetCommandLineA
DebugBreak
GetVersion
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetLastError
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetStringTypeA
SetConsoleCtrlHandler
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
VirtualFree
RtlUnwind
SetFilePointer
GetCPInfo
GetStringTypeW
HeapAlloc
HeapReAlloc
VirtualAlloc
SetStdHandle
FlushFileBuffers
ReadFile
CreateFileA

user32

MessageBoxA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SmiLe Hook v2.3/main.cfg
SmiLe Hook v2.3/menu.txt
SmiLe Hook v2.3/readme.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 312KB - Virtual size: 312KB

.reloc Size: 13KB - Virtual size: 20KB

.007 Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

370d0f76b9674f7617a648057b9b101c

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 14KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 312KB - Virtual size: 312KB

.reloc
Size: 13KB - Virtual size: 20KB

.007
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 14KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 4KB