0ee22d278a8a4b36f8d513b82367342452f62bb315033a500746beaf35bbdc94

Sharing

Copy URL Twitter E-mail

General

Target

0ee22d278a8a4b36f8d513b82367342452f62bb315033a500746beaf35bbdc94
Size

445KB
MD5

183e7f04d414babdeaec70d0a6c25372
SHA1

79aecbbfefc6e7fa13b1bc634c5976341116d985
SHA256

0ee22d278a8a4b36f8d513b82367342452f62bb315033a500746beaf35bbdc94
SHA512

49b0bda1bfb9056ef545542c13ea92589a4212ba64b89738fa94bab66fdce22fe14ab526038e2f3adc595adc5c7a15e422a3ff8a19b621d7914ab5656b450158
SSDEEP

12288:id4DFOG4YCXRkQXaNqa6Dq87F5i0DKEDBvl6VN:ieDF74dqPgaxYCN

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

0ee22d278a8a4b36f8d513b82367342452f62bb315033a500746beaf35bbdc94
.dll windows x86

Code Sign

7d:1a:24:3c:2d:d6:4f:b7:46:5a:32:82:d5:7c:d4:31
Certificate

Issuer

CN=xcz,O=string,1.2.840.113549.1.9.1=#0c11323839353337313034394071712e636f6d

Not Before

19/08/2020, 10:11

Not After

31/12/2039, 23:59

Subject

CN=xcz,O=string,1.2.840.113549.1.9.1=#0c11323839353337313034394071712e636f6d

8d:78:88:04:eb:c2:e8:8e:2a:9a:cc:88:95:ba:1b:3e:57:cd:65:ee
Signer

Actual PE Digest

8d:78:88:04:eb:c2:e8:8e:2a:9a:cc:88:95:ba:1b:3e:57:cd:65:ee

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=xcz,O=string,1.2.840.113549.1.9.1=#0c11323839353337313034394071712e636f6d

29/09/2022, 19:04
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Hwinfo
Hwinfo_C
dllversion

Sections

.text
Size: 282KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 23KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

7d:1a:24:3c:2d:d6:4f:b7:46:5a:32:82:d5:7c:d4:31Certificate

8d:78:88:04:eb:c2:e8:8e:2a:9a:cc:88:95:ba:1b:3e:57:cd:65:eeSigner

Signature Validations

Verification

29/09/2022, 19:04 Valid: false

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 282KB - Virtual size: 660KB

.rdata Size: 104KB - Virtual size: 104KB

.data Size: 26KB - Virtual size: 168KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 23KB - Virtual size: 80KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

7d:1a:24:3c:2d:d6:4f:b7:46:5a:32:82:d5:7c:d4:31
Certificate

8d:78:88:04:eb:c2:e8:8e:2a:9a:cc:88:95:ba:1b:3e:57:cd:65:ee
Signer

29/09/2022, 19:04
Valid: false

.text
Size: 282KB - Virtual size: 660KB

.rdata
Size: 104KB - Virtual size: 104KB

.data
Size: 26KB - Virtual size: 168KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 23KB - Virtual size: 80KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB