2995eabfbbbb3690e9a94ba05aebde5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2995eabfbbbb3690e9a94ba05aebde5d_JaffaCakes118
Size

1.9MB
MD5

2995eabfbbbb3690e9a94ba05aebde5d
SHA1

9cd00f6edbaab26224552b2118d72336b89d3642
SHA256

44b4779605dd6c054fc92e2b83f5b8925c93994be36167c99a22fab258a1f35d
SHA512

4dfe99ae765773f0d06b8ab165062ce7864e070b7c5890241f901a70b39c05db24ee8df3ef19e16ca0631cfd8a1a4d2c8b17251dc78aada422f10ed60faf485c
SSDEEP

49152:7X1pEHWqMshqucOjLfE61TQWpMun4Rr3XeT:7s2qPRdc6dX4h+T

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2995eabfbbbb3690e9a94ba05aebde5d_JaffaCakes118

Files

2995eabfbbbb3690e9a94ba05aebde5d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.0MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 228KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack
.data
.didata
.idata
.itext
.rdata
.rsrc/1033/BITMAP/TBUTTONCOLOR
.rsrc/1033/BITMAP/TBUTTONGRADIENT
.rsrc/1033/BITMAP/TBUTTONPEN
.rsrc/1033/BITMAP/TCOMBOFLAT
.rsrc/1033/BITMAP/TEEARROWDOWN
.rsrc/1033/BITMAP/TEEARROWUP
.rsrc/1033/BITMAP/TIMAGEFILTERED
.rsrc/1033/BITMAP/TTEEINSPECTOR
.rsrc/1033/BITMAP/TTEEPREVIEWPANEL
.rsrc/1033/CURSOR/1
.rsrc/1033/CURSOR/2
.rsrc/1033/CURSOR/3
.rsrc/1033/CURSOR/4
.rsrc/1033/CURSOR/5
.rsrc/1033/CURSOR/6
.rsrc/1033/CURSOR/7
.rsrc/1033/CURSOR/8
.text
CERTIFICATE
[0]

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 3.6MB

.itext Size: 5KB - Virtual size: 12KB

.data Size: 25KB - Virtual size: 52KB

.bss Size: - Virtual size: 28KB

.idata Size: 5KB - Virtual size: 20KB

.didata Size: 1024B - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 336KB

.rsrc Size: 49KB - Virtual size: 596KB

.aspack Size: 228KB - Virtual size: 232KB

.adata Size: - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 3.6MB

.itext
Size: 5KB - Virtual size: 12KB

.data
Size: 25KB - Virtual size: 52KB

.bss
Size: - Virtual size: 28KB

.idata
Size: 5KB - Virtual size: 20KB

.didata
Size: 1024B - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 336KB

.rsrc
Size: 49KB - Virtual size: 596KB

.aspack
Size: 228KB - Virtual size: 232KB

.adata
Size: - Virtual size: 4KB