2a81a0dd444e765b57ba6c906d9c3fed_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a81a0dd444e765b57ba6c906d9c3fed_JaffaCakes118
Size

2.6MB
MD5

2a81a0dd444e765b57ba6c906d9c3fed
SHA1

7340adb2c1bec4a8bf6860a16a00620fe2a055c2
SHA256

ba654ba0ac8e6a71c3a644f9387074decb9e167e88c0ffac06e0e068b14c1eb3
SHA512

49819d94ceb5346532d18e51e7550d30426bcda79d7e0a26ba062314558b86200ff90a08930b33b9d06146a6bcac4fe343501561effaef900ad085ed911087c2
SSDEEP

49152:SIWG/PArIWgDygz8zhzPgrxXgqmuweJyK3GdeT2OmQ5/h5MxthFHs295V:SQ/YrwDmz65tXrJb32U5pKHs2TV

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/魔界宝藏.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/魔界宝藏.exe

Files

2a81a0dd444e765b57ba6c906d9c3fed_JaffaCakes118
.rar
魔界宝藏.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 433KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 1.0MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 48KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 848KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 433KB - Virtual size: 1.1MB

.itext Size: 3KB - Virtual size: 8KB

.data Size: 14KB - Virtual size: 32KB

.bss Size: 512B - Virtual size: 48KB

.idata Size: 5KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.vmp0 Size: 1.0MB - Virtual size: 1.1MB

.vmp1 Size: 48KB - Virtual size: 60KB

.reloc Size: - Virtual size: 80KB

.rsrc Size: 848KB - Virtual size: 1.1MB

.aspack Size: 9KB - Virtual size: 12KB

.adata Size: - Virtual size: 4KB

.text
Size: 433KB - Virtual size: 1.1MB

.itext
Size: 3KB - Virtual size: 8KB

.data
Size: 14KB - Virtual size: 32KB

.bss
Size: 512B - Virtual size: 48KB

.idata
Size: 5KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.vmp0
Size: 1.0MB - Virtual size: 1.1MB

.vmp1
Size: 48KB - Virtual size: 60KB

.reloc
Size: - Virtual size: 80KB

.rsrc
Size: 848KB - Virtual size: 1.1MB

.aspack
Size: 9KB - Virtual size: 12KB

.adata
Size: - Virtual size: 4KB