2ff91b26010bd5fdc843428b50247d0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ff91b26010bd5fdc843428b50247d0a_JaffaCakes118
Size

67KB
MD5

2ff91b26010bd5fdc843428b50247d0a
SHA1

0ad5c326e731927c92b1c0ca03e0e19d42e8d97a
SHA256

dcaaaf1ef48565ac7726420b96465f0c8b3bf09a56308f355b8a01644d7dffb1
SHA512

ed17dd379540400c75655b7c363c4a4f674ab46404558140d9ce4a6e1c95f2170de429291ede640270b474c099a07845adb027cba71ed114e9ea9e8c19691207
SSDEEP

1536:HpyJlcA5bKNKXLK0yBE/tdnkADzzDqGKLiUa5pJxt6q03JxOBqKX8X:HyxHyazHDLdprANx9Ks

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff91b26010bd5fdc843428b50247d0a_JaffaCakes118

Files

2ff91b26010bd5fdc843428b50247d0a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wQw
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE