d47a3c191aa6f12e4386e69b768a8357eca32f49a36e90478fc97c067c6270fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d47a3c191aa6f12e4386e69b768a8357eca32f49a36e90478fc97c067c6270fc
Size

576KB
MD5

0be4a413bfb45731dfd74f20482fa79e
SHA1

de005f01868dbb5cbb9fd8f2a94225d54bce4bf0
SHA256

d47a3c191aa6f12e4386e69b768a8357eca32f49a36e90478fc97c067c6270fc
SHA512

2e9cc9cc75870a8d05384b37d08a90b76d1f2fcc3b18a020c3e45e44625cdf4e8bd56ee3a63116f1a88a034cef9ffd774cd5db4c22816256a47d8a4b5c4da036
SSDEEP

12288:ZusCN5HowsmAKx408+acnz0TNjm8hSwDtUHDuKdrR:lCPH9sXWEcnYR68EwDWHDu

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

d47a3c191aa6f12e4386e69b768a8357eca32f49a36e90478fc97c067c6270fc
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 313KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 148KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE