141e153e0593f21f2ec27410a7baee93_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

141e153e0593f21f2ec27410a7baee93_JaffaCakes118
Size

305KB
MD5

141e153e0593f21f2ec27410a7baee93
SHA1

d5bb8681247623eeeb2d02f7f967fab2851de395
SHA256

b6af562ce3b07e1e12f4fad70eb8828806ffe5123441232b8b4daba01206de32
SHA512

b94ec7d8732a62b4385507351a85b8f5d317bed7d0192470ab6e5a65e3a1631eb1ae7e2303a4602202f712221f9b9c9061dcf3f7b9710ccef67d997f2782175b
SSDEEP

6144:mRoGSD4SlrD0XJ//aEbxoYPHsg9wociHGFiaAxrbYHB18+L2Owu0:/GSbDOJqKxDHD9wzimFiaApbI4Ow

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
141e153e0593f21f2ec27410a7baee93_JaffaCakes118

Files

141e153e0593f21f2ec27410a7baee93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 200KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.z w3 8
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ExeS
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE