09b897c8bbff11df7738f4e43e69541c810ac3f6865e0d7e93872b4a1199be38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09b897c8bbff11df7738f4e43e69541c810ac3f6865e0d7e93872b4a1199be38
Size

111KB
MD5

11ce9607a7e8812fd6af158199219672
SHA1

82433b654ead68a9d8a4f94d93c2430e9b9b5962
SHA256

09b897c8bbff11df7738f4e43e69541c810ac3f6865e0d7e93872b4a1199be38
SHA512

b2e239e829b448c330685c77e6dda747ac42964cb67af9891452977caece175dfe64b67f6863a1f1400a74a54f076427d0ef43ff2f81cdb072d50686e246c03f
SSDEEP

1536:5yTKFBW0FlPsGX7JFLpEFae7Rs35tg7sqZAzTaJ8afNWY5mR7XV6kZuXH:5yEnzzWDNs3Ce888NNmRpFEH

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

09b897c8bbff11df7738f4e43e69541c810ac3f6865e0d7e93872b4a1199be38
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sdata
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ovry2
Size: 512B - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 89KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE