0a12fe401445424d60243e5ff33588f1_JaffaCakes118

General

Target

0a12fe401445424d60243e5ff33588f1_JaffaCakes118
Size

189KB
MD5

0a12fe401445424d60243e5ff33588f1
SHA1

892c708bea600e2951ae3baad983ffee999c631b
SHA256

73b95474f5f88be3c5a879b3becf8055b5f58070231dbd07f4858be8e04eb7a4
SHA512

63df41e90b28103881076b9d841f3636269e86d2186b658d056619d1d6cab7f00fe490dce9045e91922bbc7047b739a3e283c5713c8db686883b6cb83394f509
SSDEEP

3072:BIPYyBy4IsCBjkUCjuhC2RpmOhlYvOtJWaUrLRPdIFHVb5XkOqA/t5O7JTcAQK6P:+PYpBRBFBnHlYvO4psNRkpAK7JTcDK6P

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/IMG_24102011_1445400_JPG_fb0dab3592a85189e53b046a2b46sd59_fb0dab3592a85189e53b046a2b4659.com	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IMG_24102011_1445400_JPG_fb0dab3592a85189e53b046a2b46sd59_fb0dab3592a85189e53b046a2b4659.com

Files

0a12fe401445424d60243e5ff33588f1_JaffaCakes118
.zip
IMG_24102011_1445400_JPG_fb0dab3592a85189e53b046a2b46sd59_fb0dab3592a85189e53b046a2b4659.com
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 167KB - Virtual size: 412KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 167KB - Virtual size: 412KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 36KB

.rsrc Size: 10KB - Virtual size: 40KB

.aspack Size: 14KB - Virtual size: 16KB

.adata Size: - Virtual size: 4KB

CODE
Size: 167KB - Virtual size: 412KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 36KB

.rsrc
Size: 10KB - Virtual size: 40KB

.aspack
Size: 14KB - Virtual size: 16KB

.adata
Size: - Virtual size: 4KB