ef1772fcc914278944d484fb8ab765d2e2c200e1611c4865cd87d3b788093312

General

Target

ef1772fcc914278944d484fb8ab765d2e2c200e1611c4865cd87d3b788093312
Size

480KB
MD5

9f62a4223fc83ebcf8dfaad58a726a8d
SHA1

8247bb29e7956cce1459c9906c662bb2190626d9
SHA256

ef1772fcc914278944d484fb8ab765d2e2c200e1611c4865cd87d3b788093312
SHA512

f79a5f368764a7e69e7df520310208f90f45629458f7657f219f3a70c816cbb3955d96a00c1876bddadf8f549e3b1f369536e3fc91680f5b859e086f376cf3f9
SSDEEP

12288:uMHn9h56Iik7wgIj52RISkb1uTxsDk+lQsSvo0nK9XPZ4Q4yT:uML56vk742ib1qxsQ+KBv7K9Xx4Q4yT

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
sample	aspack_v212_v242

Files

ef1772fcc914278944d484fb8ab765d2e2c200e1611c4865cd87d3b788093312
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GETMachineIDM
GETUserIDM
GET_MachineIDM
IC_read
read_regdate
read_regdate2
remote_reg
remote_reg2
sensLock_Recharge
sensLock_W_supkey
sensLock_check
sensLock_superkey
sensLock_user

Sections

CODE
Size: 340KB - Virtual size: 908KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 25KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 31KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 340KB - Virtual size: 908KB

DATA Size: 25KB - Virtual size: 40KB

BSS Size: - Virtual size: 16KB

.idata Size: 4KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 31KB - Virtual size: 60KB

.rsrc Size: 72KB - Virtual size: 212KB

.aspack Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

CODE
Size: 340KB - Virtual size: 908KB

DATA
Size: 25KB - Virtual size: 40KB

BSS
Size: - Virtual size: 16KB

.idata
Size: 4KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 31KB - Virtual size: 60KB

.rsrc
Size: 72KB - Virtual size: 212KB

.aspack
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB