JaffaCakes118_68bf14b59350493cb87ec3d59b2ff92e | Triage

Sharing

General

Target

JaffaCakes118_68bf14b59350493cb87ec3d59b2ff92e
Size

331KB
MD5

68bf14b59350493cb87ec3d59b2ff92e
SHA1

ee8898509e88c38913fc23dcc2281f09a7b0caca
SHA256

86f1f83f6e3e1170d2f67668d8332713f8ffe947ddc7d93113ac51a6f8dafd49
SHA512

59d7c33ea5bbc27a0486714c407922507e13b38589dbc48d4c849601cbe46da05f9de0232714f20dee4f9cd4f433e227ad58b576c8bf62ae141cc9cdee221b75
SSDEEP

6144:/2250RPFBx/dItAVV9c9CoiwFZi+nNecYR5FozxMtvO1kLVPSiDIdGU+:/qvP1SC8ZdccYR5FHLm4

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_68bf14b59350493cb87ec3d59b2ff92e

Files

JaffaCakes118_68bf14b59350493cb87ec3d59b2ff92e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.MPRESS1
Size: 319KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE