3e36eef94208c1c7a516090fb8f067f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e36eef94208c1c7a516090fb8f067f3_JaffaCakes118
Size

1.3MB
MD5

3e36eef94208c1c7a516090fb8f067f3
SHA1

ec80f4054d6ee3f04acf237226092799d7425b77
SHA256

08534fe7763e196abe98f3a0f14b507bad1f71e42b5de0bffde9be9f1ea88368
SHA512

163f8cebc402a1a556da0a95af126d5ffe73d23f99c022f0a5200836dd4f6e521aa70ff3aa7a5346f1aaa92918042d21422b0441b2303ab6f57aa44bf087c137
SSDEEP

24576:DWluIXXngGMA9kb/FWPdeZB/EJYs81+W+J72uKleiTIyfs9YL0KQltYH/UFiIi:iwKwGMAyb/8PdAtEJYB1+W82uWrNYo0o

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/月光宝盒网吧家庭通用版V9.4.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/月光宝盒网吧家庭通用版V9.4.exe

Files

3e36eef94208c1c7a516090fb8f067f3_JaffaCakes118
.rar
月光宝盒网吧家庭通用版V9.4.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 244KB - Virtual size: 532KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 934KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 120KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE