3e6c04cdefb9fd373a555609e78ed1fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e6c04cdefb9fd373a555609e78ed1fa_JaffaCakes118
Size

437KB
MD5

3e6c04cdefb9fd373a555609e78ed1fa
SHA1

c72a8fe59f0a1c5ba8d85e55758d9cb15a9f69ad
SHA256

f487f3c005a5cf66a2b4b067be277e6ac7008e7bc910925c30928710692b1480
SHA512

867133b34cb87b2d9ba64c0aa0cf72bc63d02c96478ec8d08aba1e1e3b93eebd737ce523aa9e79c21fa0ff302b6ea580d28a809c97d3c7d27582b504ee606a28
SSDEEP

6144:n0a7WYA/MZYYqYZoE3UUR07HIibTjPp3jAF+JdHYROW9kxpU5FJwnviv:n/AnYqYZ8lTI02+YdWHcFJAiv

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/CommAssistant/CommAssistant.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CommAssistant/CommAssistant.exe

Files

3e6c04cdefb9fd373a555609e78ed1fa_JaffaCakes118
.rar
CommAssistant/CommAssistant.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

@$xp$14Jpeg@TJPEGData
@$xp$15Jpeg@TJPEGImage
@$xp$15Jpeg@TJPEGScale
@$xp$21Jpeg@TJPEGPerformance
@$xp$21Jpeg@TJPEGPixelFormat
@$xp$22Jpeg@TJPEGQualityRange
@@Autoupdateunit@Finalize
@@Autoupdateunit@Initialize
@@Backdownupdatefileunit@Finalize
@@Backdownupdatefileunit@Initialize
@@Osver@Finalize
@@Osver@Initialize
@@Recvunit@Finalize
@@Recvunit@Initialize
@@Sendfileunit@Finalize
@@Sendfileunit@Initialize
@@Transferscomm@Finalize
@@Transferscomm@Initialize
@@Transfersunit@Finalize
@@Transfersunit@Initialize
@@Unitmain@Finalize
@@Unitmain@Initialize
@Jconsts@Finalization$qqrv
@Jconsts@_sChangeJPGSize
@Jconsts@_sJPEGError
@Jconsts@_sJPEGImageFile
@Jconsts@initialization$qqrv
@Jpeg@Finalization$qqrv
@Jpeg@JPEGDefaults
@Jpeg@TJPEGData@
@Jpeg@TJPEGData@$bdtr$qqrv
@Jpeg@TJPEGData@FreeHandle$qqrv
@Jpeg@TJPEGImage@
@Jpeg@TJPEGImage@$bctr$qqrv
@Jpeg@TJPEGImage@$bdtr$qqrv
@Jpeg@TJPEGImage@Assign$qqrp19Classes@TPersistent
@Jpeg@TJPEGImage@AssignTo$qqrp19Classes@TPersistent
@Jpeg@TJPEGImage@CalcOutputDimensions$qqrv
@Jpeg@TJPEGImage@Changed$qqrp14System@TObject
@Jpeg@TJPEGImage@Compress$qqrv
@Jpeg@TJPEGImage@DIBNeeded$qqrv
@Jpeg@TJPEGImage@Draw$qqrp16Graphics@TCanvasrx11Types@TRect
@Jpeg@TJPEGImage@Equals$qqrp17Graphics@TGraphic
@Jpeg@TJPEGImage@FreeBitmap$qqrv
@Jpeg@TJPEGImage@GetBitmap$qqrv
@Jpeg@TJPEGImage@GetEmpty$qqrv
@Jpeg@TJPEGImage@GetGrayscale$qqrv
@Jpeg@TJPEGImage@GetHeight$qqrv
@Jpeg@TJPEGImage@GetPalette$qqrv
@Jpeg@TJPEGImage@GetWidth$qqrv
@Jpeg@TJPEGImage@JPEGNeeded$qqrv
@Jpeg@TJPEGImage@LoadFromClipboardFormat$qqrusuip10HPALETTE__
@Jpeg@TJPEGImage@LoadFromStream$qqrp15Classes@TStream
@Jpeg@TJPEGImage@NewBitmap$qqrv
@Jpeg@TJPEGImage@NewImage$qqrv
@Jpeg@TJPEGImage@ReadData$qqrp15Classes@TStream
@Jpeg@TJPEGImage@ReadStream$qqrip15Classes@TStream
@Jpeg@TJPEGImage@SaveToClipboardFormat$qqrrusruirp10HPALETTE__
@Jpeg@TJPEGImage@SaveToStream$qqrp15Classes@TStream
@Jpeg@TJPEGImage@SetGrayscale$qqro
@Jpeg@TJPEGImage@SetHeight$qqri
@Jpeg@TJPEGImage@SetPalette$qqrp10HPALETTE__
@Jpeg@TJPEGImage@SetPerformance$qqr21Jpeg@TJPEGPerformance
@Jpeg@TJPEGImage@SetPixelFormat$qqr21Jpeg@TJPEGPixelFormat
@Jpeg@TJPEGImage@SetScale$qqr15Jpeg@TJPEGScale
@Jpeg@TJPEGImage@SetSmoothing$qqro
@Jpeg@TJPEGImage@SetWidth$qqri
@Jpeg@TJPEGImage@WriteData$qqrp15Classes@TStream
@Jpeg@initialization$qqrv
_AboutBox
_FormMain
_FormRecv
_FormTransfers
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 292KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CommAssistant/串口调试助手3_用户手册.doc
.doc windows office2003
CommAssistant/使用说明.txt
CommAssistant/更多软件下载.url
CommAssistant/系统之家.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 292KB - Virtual size: 736KB

.data Size: 14KB - Virtual size: 92KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 3KB - Virtual size: 4KB

.rsrc Size: 21KB - Virtual size: 88KB

.reloc Size: - Virtual size: 48KB

.aspack Size: 19KB - Virtual size: 20KB

.adata Size: - Virtual size: 4KB

.text
Size: 292KB - Virtual size: 736KB

.data
Size: 14KB - Virtual size: 92KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 21KB - Virtual size: 88KB

.reloc
Size: - Virtual size: 48KB

.aspack
Size: 19KB - Virtual size: 20KB

.adata
Size: - Virtual size: 4KB