49d24a7f460395559d9f28e55b99b112c3ec4da4e225e7ce6fe30f41ac8d3010 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

49d24a7f460395559d9f28e55b99b112c3ec4da4e225e7ce6fe30f41ac8d3010
Size

86KB
MD5

60fe3d0d623bd2512111c08069e64a56
SHA1

0b34483dfb67b9f82201af0b7bde5d2e4f8dc057
SHA256

49d24a7f460395559d9f28e55b99b112c3ec4da4e225e7ce6fe30f41ac8d3010
SHA512

ebf5d9445b725f61f9adc63ecbc1a4c9958cba8e851d17cc9081448ee8cbcbb26da08e7a9739895045e74b9fdf5e8d174b8898fc563242333c884a8160b23d0b
SSDEEP

1536:4M3KO73W1TDKVqS7CHfOMJyJopKeqxukGWl4N8HIZW69vuLcqKUH:CO73eTE77+tSopYRVl4WIZR2Lc1UH

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
static1/unpack001/SPORE_V1.3_Plus_23_Trainer_By_KelSat.exe	aspack_v212_v242

Files

49d24a7f460395559d9f28e55b99b112c3ec4da4e225e7ce6fe30f41ac8d3010
.rar
SPORE_V1.3_Plus_23_Trainer_By_KelSat.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
www.3dmgame.net.url
.url
说明.txt