c68aeacc744be377878bf5edf8122c4135d551d859b956e094bafec0e8659144 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c68aeacc744be377878bf5edf8122c4135d551d859b956e094bafec0e8659144
Size

1.1MB
MD5

a1626f75cdc021e89677124058efa414
SHA1

ce0e898914ef1a8b047d67ea56e360b6471c542d
SHA256

c68aeacc744be377878bf5edf8122c4135d551d859b956e094bafec0e8659144
SHA512

c2aee063027e2c5fda5116c63389c729a40990f001c3b1865f32dbcf356a499f1f3f637b124e2db3d5ef475ff2366bc12dd94e00ead0eedb4cf95f5cf08422b1
SSDEEP

24576:sn1OwdiQBkKBwp2fKCbqueJY7Y6XkQ2U7Ai2UbDzdY7r:sMwdiQBfCIq0LXk3CDdY3

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

c68aeacc744be377878bf5edf8122c4135d551d859b956e094bafec0e8659144
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 807KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 99KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 186KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE