5342c4ff957facc054991ed84ae518b6_JaffaCakes118

General

Target

5342c4ff957facc054991ed84ae518b6_JaffaCakes118
Size

361KB
MD5

5342c4ff957facc054991ed84ae518b6
SHA1

33bb87a39bfc4e59aa3f3863e94ef3666b5f4814
SHA256

b08e9afa8ac4d6b1217c89280f74519bafc7d2da851d27919580f869533fd77a
SHA512

86e32572fd0599cd8b48aa64b64bf0343aa41a7f467aaf50c1d20a14ddfc6910d39e0d3764356734aa36842288e679c2b8867b3ad27ca499eb06caa34e6d6567
SSDEEP

6144:ygljDCUWJ/whI966AGkAjOpoaY7oUO5cjf4G0j9ZlrDwSuW+kmI4GCnJj:yeDCUKQq6xGJOpqU15cjo/lfJxVGJj

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5342c4ff957facc054991ed84ae518b6_JaffaCakes118

Files

5342c4ff957facc054991ed84ae518b6_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllStart
DllUnregisterServer

Sections

Size: 43KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdat
Size: 283KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

Size: 43KB - Virtual size: 92KB

Size: 6KB - Virtual size: 12KB

Size: 7KB - Virtual size: 16KB

Size: 4KB - Virtual size: 24KB

.rsrc Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 8KB

Size: 4KB - Virtual size: 4KB

.pdat Size: 283KB - Virtual size: 284KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

.pdat
Size: 283KB - Virtual size: 284KB

.adata
Size: - Virtual size: 4KB