457fb3ab2df58df1bafb9112f3cceaf7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

457fb3ab2df58df1bafb9112f3cceaf7_JaffaCakes118
Size

710KB
MD5

457fb3ab2df58df1bafb9112f3cceaf7
SHA1

e9d8ea4192c13995c3510c1c69e61332dca5941f
SHA256

f6dd91f9e1dd503cb5b45fc9f2833ee8687f89d8bb04cab2d25fc70b3e6716ad
SHA512

a523f945e27f9dde71d26665e1f2f87de1e2c5b44041c56058780452dba9adb2bb13a6f9fe80be4ac68afc60d3a9c6e51a2abad38250b444e79444d37decebd7
SSDEEP

12288:cR7oiy9fc9tTOKZyiJEy1hH4Rp0aCN0ck6TET+4tx5wsDxoUXtPmV3uxKfuFB4H7:E7fuc9dOKZyiJEy1hH4RG5Pk/K4txCsF

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
457fb3ab2df58df1bafb9112f3cceaf7_JaffaCakes118

Files

457fb3ab2df58df1bafb9112f3cceaf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

@RWinSocket@DispatchProc$qqsp6HWND__uiuil
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 591KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pmj
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 591KB - Virtual size: 2.6MB

.data Size: 49KB - Virtual size: 332KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: - Virtual size: 92KB

.aspack Size: 4KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.pmj Size: - Virtual size: 1B

.text
Size: 591KB - Virtual size: 2.6MB

.data
Size: 49KB - Virtual size: 332KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: - Virtual size: 92KB

.aspack
Size: 4KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.pmj
Size: - Virtual size: 1B