b16abd72ab32a58548af205ea9eb9298262b71e5fa9bdfc5fe43a73df4a08f61

General

Target

b16abd72ab32a58548af205ea9eb9298262b71e5fa9bdfc5fe43a73df4a08f61
Size

349KB
MD5

ab1dfbd11bdb88b142bb5b1f18a73053
SHA1

d5133661ba02958f3b72b4769cfb65911ba223e6
SHA256

b16abd72ab32a58548af205ea9eb9298262b71e5fa9bdfc5fe43a73df4a08f61
SHA512

9c324d9c8f793ebac8c18d6056dc78303925a027d254a9bbcced2c6401e60c9790d34f282c8c092f51b8b8eb646cd05774b4c7d155037d638d60a58478a0722a
SSDEEP

6144:24IFD00ao0k3uWbF7DOZ+oD6l9T+K6KDbLSGy1X6ilH9V0/FOKCDs2pZNi/:pIFNa43uWbF7+309T+KmGywiNn0/RCDO

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

b16abd72ab32a58548af205ea9eb9298262b71e5fa9bdfc5fe43a73df4a08f61
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

AppMsgToAnalyzer
AppResultToAnalyzer
CloseComm
CreateCommLink
DestroyCommLink
GetRackPostion
GetReceiveStatus
GetSendStatus
InitialComm
IsActive
OpenComm
SendOrderToAnalysis
SetLogActive
SetSrvDateTime

Sections

CODE
Size: 294KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 294KB - Virtual size: 740KB

DATA Size: 7KB - Virtual size: 16KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 26KB - Virtual size: 52KB

.rsrc Size: 11KB - Virtual size: 36KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 294KB - Virtual size: 740KB

DATA
Size: 7KB - Virtual size: 16KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 26KB - Virtual size: 52KB

.rsrc
Size: 11KB - Virtual size: 36KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB