1c0350410b9a6f29816d368ac9557dc5f17c03279cfec97bd06847482ce933bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1c0350410b9a6f29816d368ac9557dc5f17c03279cfec97bd06847482ce933bf
Size

472KB
MD5

2f271e02dbb9ad07fce725b3c3a28476
SHA1

dbae441fc405395987d9e61e717ca83f85ed5ca0
SHA256

1c0350410b9a6f29816d368ac9557dc5f17c03279cfec97bd06847482ce933bf
SHA512

11d05d4a449e7ca90e08ae0864f7df9261d8456d7d60eee1c4cb03ba3f5a891e0249368ec290ce3d34e737c5f2a775e2451985028417d830bc603b565201843b
SSDEEP

12288:z+mF7218AxlCkJOaG6hpli71wb3yISAB+owHKQHECFVHpuwm:z+ynpXqs1w+AAjHZHlV

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

1c0350410b9a6f29816d368ac9557dc5f17c03279cfec97bd06847482ce933bf
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 204KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 184KB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE