bbedadea5939a3485a101a7aa0acc28b9295f492741c2b9edff8672b755c0af1

Sharing

Copy URL

Twitter E-mail

General

Target

bbedadea5939a3485a101a7aa0acc28b9295f492741c2b9edff8672b755c0af1
Size

3.2MB
MD5

c52f5ca43480573ed5d4b5366fad2be0
SHA1

b3bec5af80d4f81f823a339229a6f4d5059498b7
SHA256

bbedadea5939a3485a101a7aa0acc28b9295f492741c2b9edff8672b755c0af1
SHA512

1a57f394f1399da752592972a45790db00afdaed4b5e0d0e3f0ac371bb23a7706ad87849198ad57263ce4f67c1496a737eb333427f87d0e0c562387f1fa0f096
SSDEEP

98304:IcrckCHFg41B7KUWXZDITyLiycp5CkOTllLc8b1:vmiK7KUW2T9ybjloy1

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs
Detects executables packed with ASPack v2.12-2.42
aspackv2

Processes:

resource yara_rule

sample aspack_v212_v242

resource	yara_rule
sample	aspack_v212_v242

Files

bbedadea5939a3485a101a7aa0acc28b9295f492741c2b9edff8672b755c0af1
.exe windows x86

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-05-2016 00:00

Not After

24-06-2027 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:84:31:17:85:2d:87:39:43:3c:23:9b
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

17-01-2019 07:04

Not After

16-02-2022 07:04

Subject

CN=杭州跃兔网络科技有限公司,O=杭州跃兔网络科技有限公司,L=杭州,ST=浙江,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fe:c6:fb:af:f0:5f:a3:90:55:93:80:0a:24:64:e2:8f:56:a1:0f:3f
Signer

Actual PE Digest

fe:c6:fb:af:f0:5f:a3:90:55:93:80:0a:24:64:e2:8f:56:a1:0f:3f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=杭州跃兔网络科技有限公司,O=杭州跃兔网络科技有限公司,L=杭州,ST=浙江,C=CN

15-05-2019 12:59
Valid: true

Chain 1

CN=杭州跃兔网络科技有限公司,O=杭州跃兔网络科技有限公司,L=杭州,ST=浙江,C=CN

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Chain 2

CN=杭州跃兔网络科技有限公司,O=杭州跃兔网络科技有限公司,L=杭州,ST=浙江,C=CN

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 529KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 91KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14Certificate

Extended Key Usages

Key Usages

17:84:31:17:85:2d:87:39:43:3c:23:9bCertificate

Extended Key Usages

Key Usages

fe:c6:fb:af:f0:5f:a3:90:55:93:80:0a:24:64:e2:8f:56:a1:0f:3fSigner

Signature Validations

Verification

15-05-2019 12:59 Valid: true

Chain 1

Chain 2

Headers

File Characteristics

Sections

.text Size: 529KB - Virtual size: 1.5MB

.rdata Size: 91KB - Virtual size: 344KB

.data Size: 12KB - Virtual size: 140KB

.tls Size: 4KB - Virtual size: 4KB

.rsrc Size: 2.5MB - Virtual size: 2.7MB

.aspack Size: 22KB - Virtual size: 24KB

.adata Size: - Virtual size: 4KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

17:84:31:17:85:2d:87:39:43:3c:23:9b
Certificate

fe:c6:fb:af:f0:5f:a3:90:55:93:80:0a:24:64:e2:8f:56:a1:0f:3f
Signer

15-05-2019 12:59
Valid: true

.text
Size: 529KB - Virtual size: 1.5MB

.rdata
Size: 91KB - Virtual size: 344KB

.data
Size: 12KB - Virtual size: 140KB

.tls
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2.5MB - Virtual size: 2.7MB

.aspack
Size: 22KB - Virtual size: 24KB

.adata
Size: - Virtual size: 4KB