fd161eadcd548b5cdf16445aa85a9136a4b31a130966c0884d0494593787dd6a

General

Target

fd161eadcd548b5cdf16445aa85a9136a4b31a130966c0884d0494593787dd6a
Size

723KB
MD5

cea531b08e0eaeaa99fa6c5d25fe074a
SHA1

afdf2111e9854b4d28ca6e86bfee0d7595917e79
SHA256

fd161eadcd548b5cdf16445aa85a9136a4b31a130966c0884d0494593787dd6a
SHA512

6339f6af45cf08b10b80c740c213612bcc8a11de6ba84014b8c0c9e0e5e473d3e30c9bbbef759c22bcaeebe665046896a094a2fff5eb8fa479d5189ad4710672
SSDEEP

12288:3LoqQMTvTRNHAdEzvYTVDLMg0mRjpOk/n85E5/Q79N3kXkH3T0hhGYT+izsHaIwT:3LFQMDTRNHAdEzvYJDLumRjpXnpIRenB

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 2 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/mydll.dll	aspack_v212_v242
static1/unpack001/跑跑宝宝KTO14.8.exe	aspack_v212_v242

Files

fd161eadcd548b5cdf16445aa85a9136a4b31a130966c0884d0494593787dd6a
.rar
mydll.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

RunDllHostCallBack
asm_��ڴ�
asm_д��ڴ�
prc
��װ�̹߳��
ʮ��תʮ��
�ҵ�dll��
ж��̹߳��
�Զ��

Sections

.text
Size: 276KB - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 26KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
跑跑宝宝KTO14.8.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 198KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 99KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 276KB - Virtual size: 656KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 26KB - Virtual size: 304KB

.rsrc Size: 18KB - Virtual size: 40KB

.reloc Size: 26KB - Virtual size: 92KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 198KB - Virtual size: 432KB

.rdata Size: 99KB - Virtual size: 204KB

.data Size: 17KB - Virtual size: 136KB

.rsrc Size: 8KB - Virtual size: 44KB

.aspack Size: 28KB - Virtual size: 32KB

.adata Size: - Virtual size: 4KB

.text
Size: 276KB - Virtual size: 656KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 26KB - Virtual size: 304KB

.rsrc
Size: 18KB - Virtual size: 40KB

.reloc
Size: 26KB - Virtual size: 92KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB

.text
Size: 198KB - Virtual size: 432KB

.rdata
Size: 99KB - Virtual size: 204KB

.data
Size: 17KB - Virtual size: 136KB

.rsrc
Size: 8KB - Virtual size: 44KB

.aspack
Size: 28KB - Virtual size: 32KB

.adata
Size: - Virtual size: 4KB