05ae52438489fa01d921975aa080d7cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05ae52438489fa01d921975aa080d7cd_JaffaCakes118
Size

233KB
MD5

05ae52438489fa01d921975aa080d7cd
SHA1

eb079757b73b6f42d417813d84063fe62eb1f090
SHA256

68882ab16b607c5b0e8077470539d527a6a2284011f49e413270ea5246f2f939
SHA512

ed903526515cdf04c72e4f9688ac762f38effea5e2682202bb88b2e6b349cb3c16fe70601bbf2dd89a8f216d011073df784cd471f174c18c1fb11c52e67bddf4
SSDEEP

6144:UXOXFwVVEVWrcj3OuAgGF1UI9PiIlHk/M:UXoigOunSH9PVA

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05ae52438489fa01d921975aa080d7cd_JaffaCakes118

Files

05ae52438489fa01d921975aa080d7cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 156KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE