d56563be9be42e58a0354c158a1489792e6002c9f7a73ed48fe4207c06a32d2a

Sharing

Copy URL Twitter E-mail

General

Target

d56563be9be42e58a0354c158a1489792e6002c9f7a73ed48fe4207c06a32d2a
Size

1.6MB
MD5

93fb7a1f044bea672ef0b8dcf2ad75bc
SHA1

45545a8fb2885f6ed462b2a268cf320e90bcd39f
SHA256

d56563be9be42e58a0354c158a1489792e6002c9f7a73ed48fe4207c06a32d2a
SHA512

600055ee56964dd4aa457c550287f6a2dd254fa3243c5684a7fde5506b662fddfb2af7720a1f5ee299dcedc4ac5d7ee8f60b6d17f36fb56c8e796b20e7946248
SSDEEP

49152:fmwYg/YNtyK4ZnZxqQvMsqMU59XX6k9kBPaV:PpeyDZT5v+59XX6k9kBPaV

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

d56563be9be42e58a0354c158a1489792e6002c9f7a73ed48fe4207c06a32d2a
.exe windows x86

Code Sign

17:ec:85:a1:3c:0d:50:90:45:b3:0c:26:0c:5c:b7:61
Certificate

Issuer

CN=小鸡机器人,ST=,C=China,1.2.840.113549.1.9.1=#1300

Not Before

30/08/2022, 13:22

Not After

31/12/2039, 23:59

Subject

CN=小鸡机器人,ST=,C=China,1.2.840.113549.1.9.1=#1300

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

19/05/2021, 05:42

Not After

18/05/2032, 05:42

Subject

CN=Certum Timestamp 2021,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:56:34:ea:02:0a:40:1d:96:2b:46:1d:47:f4:7a:15:68:96:dd:34
Signer

Actual PE Digest

04:56:34:ea:02:0a:40:1d:96:2b:46:1d:47:f4:7a:15:68:96:dd:34

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=小鸡机器人,ST=,C=China,1.2.840.113549.1.9.1=#1300

21/09/2022, 12:01
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 592KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 500KB - Virtual size: 884KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 455KB - Virtual size: 456KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

17:ec:85:a1:3c:0d:50:90:45:b3:0c:26:0c:5c:b7:61Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

04:56:34:ea:02:0a:40:1d:96:2b:46:1d:47:f4:7a:15:68:96:dd:34Signer

Signature Validations

Verification

21/09/2022, 12:01 Valid: false

Headers

File Characteristics

Sections

.text Size: 592KB - Virtual size: 1.1MB

.rdata Size: 500KB - Virtual size: 884KB

.data Size: 42KB - Virtual size: 552KB

.rsrc Size: 17KB - Virtual size: 484KB

.aspack Size: 455KB - Virtual size: 456KB

.adata Size: - Virtual size: 4KB

17:ec:85:a1:3c:0d:50:90:45:b3:0c:26:0c:5c:b7:61
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

f1:64:25:8c:09:b6:e2:7b:e2:0e:32:60:8e:4b:f4:a8
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

04:56:34:ea:02:0a:40:1d:96:2b:46:1d:47:f4:7a:15:68:96:dd:34
Signer

21/09/2022, 12:01
Valid: false

.text
Size: 592KB - Virtual size: 1.1MB

.rdata
Size: 500KB - Virtual size: 884KB

.data
Size: 42KB - Virtual size: 552KB

.rsrc
Size: 17KB - Virtual size: 484KB

.aspack
Size: 455KB - Virtual size: 456KB

.adata
Size: - Virtual size: 4KB