29bab0563aa474d6ae1de78b302a6f82aa7179788b464aea4cd8532f9db3621c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29bab0563aa474d6ae1de78b302a6f82aa7179788b464aea4cd8532f9db3621c
Size

1.6MB
MD5

881277d16b1f937e8773dd2ab0b6e5a2
SHA1

3459495ef1781fb177d7a6f73d225eff3775273d
SHA256

29bab0563aa474d6ae1de78b302a6f82aa7179788b464aea4cd8532f9db3621c
SHA512

1e9676c69fcd3b8321e66757f77fca8ba4d7dc0653b24b88220f8881e3ca74a633f7ab172460c1c219cafcecd60c0901bc850546a6bb5f0274f9a0a21b7f7f42
SSDEEP

49152:zyXKoWp09ZEv5TBx+JFa+t9zPbGrTvSpcoNoR:W99Z2kFaoFPSDR

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/DNF伴侣外挂.exe	aspack_v212_v242

Files

29bab0563aa474d6ae1de78b302a6f82aa7179788b464aea4cd8532f9db3621c
.rar .ps1
DNF伴侣外挂.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 41KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE