3ee5ece37c413baa8509e27ed7635e88_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ee5ece37c413baa8509e27ed7635e88_JaffaCakes118
Size

1.9MB
MD5

3ee5ece37c413baa8509e27ed7635e88
SHA1

21c9de5f88ddf9a2c2bcf485341a5509bc33b904
SHA256

a5fd5e59a72830eaf8c0c47672c6e57cfa3f1d713caa9a44bca5bc46bc367043
SHA512

d7372f95f4f53d59bf2cb0317dbc65444bb76b0b6332c692365ac95c8bf4f9ff4aa6c0533aead613c1d037b3c2bcf34c66eaad491a458b2926f95286084d6635
SSDEEP

49152:7X1pEHWqMshqucOjLfE61TQWpMun4Rr3Xem:7s2qPRdc6dX4h+m

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee5ece37c413baa8509e27ed7635e88_JaffaCakes118

Files

3ee5ece37c413baa8509e27ed7635e88_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.text
Size: 1.0MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 25KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 228KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack
.data
.didata
.idata
.itext
.rdata
.rsrc/1033/BITMAP/TBUTTONCOLOR
.rsrc/1033/BITMAP/TBUTTONGRADIENT
.rsrc/1033/BITMAP/TBUTTONPEN
.rsrc/1033/BITMAP/TCOMBOFLAT
.rsrc/1033/BITMAP/TEEARROWDOWN
.rsrc/1033/BITMAP/TEEARROWUP
.rsrc/1033/BITMAP/TIMAGEFILTERED
.rsrc/1033/BITMAP/TTEEINSPECTOR
.rsrc/1033/BITMAP/TTEEPREVIEWPANEL
.rsrc/1033/CURSOR/1
.rsrc/1033/CURSOR/2
.rsrc/1033/CURSOR/3
.rsrc/1033/CURSOR/4
.rsrc/1033/CURSOR/5
.rsrc/1033/CURSOR/6
.rsrc/1033/CURSOR/7
.rsrc/1033/CURSOR/8
.text
CERTIFICATE
[0]

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 3.6MB

.itext Size: 5KB - Virtual size: 12KB

.data Size: 25KB - Virtual size: 52KB

.bss Size: - Virtual size: 28KB

.idata Size: 5KB - Virtual size: 20KB

.didata Size: 1024B - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 336KB

.rsrc Size: 49KB - Virtual size: 596KB

.aspack Size: 228KB - Virtual size: 232KB

.adata Size: - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 3.6MB

.itext
Size: 5KB - Virtual size: 12KB

.data
Size: 25KB - Virtual size: 52KB

.bss
Size: - Virtual size: 28KB

.idata
Size: 5KB - Virtual size: 20KB

.didata
Size: 1024B - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 336KB

.rsrc
Size: 49KB - Virtual size: 596KB

.aspack
Size: 228KB - Virtual size: 232KB

.adata
Size: - Virtual size: 4KB