edfb20876984fc0fc4affe44cbc0a20507734035ac601060ce74087b53396246 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edfb20876984fc0fc4affe44cbc0a20507734035ac601060ce74087b53396246
Size

15KB
MD5

b1fb9ac7063db57192db9bee04c50363
SHA1

e0429e1b59989cbab6646ba905ac312710f5ed30
SHA256

edfb20876984fc0fc4affe44cbc0a20507734035ac601060ce74087b53396246
SHA512

a36631754f337b8e60277aaca37dde16688d341fe2e6f42b1b07ccfe5f6bf2bc01bbfd275e59579f90776b8b61e61533d3c3cd1fef4d64bbd367ca57fadaef9c
SSDEEP

384:UBw/v1/KX+fvw3zUmIWJAxwr6+S9Pfu7n5e:UwXcAwjUmH6x3deVe

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

edfb20876984fc0fc4affe44cbc0a20507734035ac601060ce74087b53396246
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

WlxActivateUserShell
WlxDisplayLockedNotice
WlxDisplaySASNotice
WlxInitialize
WlxIsLockOk
WlxIsLogoffOk
WlxLoggedOnSAS
WlxLoggedOutSAS
WlxLogoff
WlxNegotiate
WlxShutdown
WlxWkstaLockedSAS

Sections

.text
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE