d8419d67084f9a72565d3c5d26c55c7891d9976f8b21fc013eb4211fce7b268b

Sharing

Copy URL Twitter E-mail

General

Target

d8419d67084f9a72565d3c5d26c55c7891d9976f8b21fc013eb4211fce7b268b
Size

427KB
MD5

6ea9d797cc7cb3d73e28a470b560e1c0
SHA1

4885302ed5202918db853bf3688cde8b4205dee3
SHA256

d8419d67084f9a72565d3c5d26c55c7891d9976f8b21fc013eb4211fce7b268b
SHA512

a17da606f3774f5b22147a8ee36f6b5b9cc97854ab9053f05f8252423a75eb8f8325fa4fbc791ac3dbb3da517e3ab95e6af3ece819ca4b3b5a788befee1ff15e
SSDEEP

12288:qUgfbXmjZ7noxLvuTVpkyvhu0Nh8aXyWi:zgDuZ7yLvQI037XyWi

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

d8419d67084f9a72565d3c5d26c55c7891d9976f8b21fc013eb4211fce7b268b
.exe windows x86

Code Sign

55:3b:b4:f6
Certificate

Issuer

CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Not Before

25/04/2015, 15:38

Not After

24/04/2018, 15:38

Subject

CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

12:96:96:5b:74:fb:ce:e2:f3:55:a3:dd:b2:eb:76:5d:70:b1:7b:56
Signer

Actual PE Digest

12:96:96:5b:74:fb:ce:e2:f3:55:a3:dd:b2:eb:76:5d:70:b1:7b:56

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

27/06/2015, 09:18
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 169KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.360
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Code Sign

55:3b:b4:f6Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

12:96:96:5b:74:fb:ce:e2:f3:55:a3:dd:b2:eb:76:5d:70:b1:7b:56Signer

Signature Validations

Verification

27/06/2015, 09:18 Valid: false

Headers

File Characteristics

Sections

.text Size: 169KB - Virtual size: 360KB

.rdata Size: 20KB - Virtual size: 80KB

.data Size: 6KB - Virtual size: 48KB

.rsrc Size: 59KB - Virtual size: 308KB

.360 Size: 166KB - Virtual size: 168KB

.adata Size: - Virtual size: 4KB

55:3b:b4:f6
Certificate

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

12:96:96:5b:74:fb:ce:e2:f3:55:a3:dd:b2:eb:76:5d:70:b1:7b:56
Signer

27/06/2015, 09:18
Valid: false

.text
Size: 169KB - Virtual size: 360KB

.rdata
Size: 20KB - Virtual size: 80KB

.data
Size: 6KB - Virtual size: 48KB

.rsrc
Size: 59KB - Virtual size: 308KB

.360
Size: 166KB - Virtual size: 168KB

.adata
Size: - Virtual size: 4KB