17f13f7588e768bb4e57097d26055685_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17f13f7588e768bb4e57097d26055685_JaffaCakes118
Size

34KB
MD5

17f13f7588e768bb4e57097d26055685
SHA1

5c1e367fd43beeaade406b60a38cbfde3b849179
SHA256

96ce06e47be3907c935f443fdeb0589aa5307a6a45eb120fa024edbed8d13726
SHA512

ea70726d5cb2d2ff9fd60f805b1dc44b2b77ebccb671b9c594c6b3b032462c027685cddf1f3817763c2ff97d013129b3e064ee451e654fdc3fb9a990e78ee26c
SSDEEP

768:Bl6JUBbrVvMXee7lE+w8nOJPkUXj+3Ehy5S8r8fo1tzExnha5:Bl7B/VvMXekuJkg+3VnWo1g

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17f13f7588e768bb4e57097d26055685_JaffaCakes118

Files

17f13f7588e768bb4e57097d26055685_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Init

Sections

.text
Size: 21KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE