9dd170670002b80a71f8f50d6a997b0640fcbbf58bb0e1073f43c8acc7cc5f00 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9dd170670002b80a71f8f50d6a997b0640fcbbf58bb0e1073f43c8acc7cc5f00
Size

367KB
MD5

a1c9b6e27fa245af4ec8045c43c9359d
SHA1

4aa229eb81f67714a6804de2c518b285fb77eec7
SHA256

9dd170670002b80a71f8f50d6a997b0640fcbbf58bb0e1073f43c8acc7cc5f00
SHA512

c7b8736fedf45453ca0540de95aee0a37f8f278c29e03167a0875318d5ffe6ebf753d9bb83998fc4a6cbf2f42d07357fbeadc31dfbb398ea8991d15ec42c8cc5
SSDEEP

6144:zM5LeTW0f7BgYsgKYe5ol/K/XH9zXBtA1GYuYokYfYf5qRVxoNM6W:4xoBF2ol/cXdTBtAQYuYxYfYf6ONM

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

9dd170670002b80a71f8f50d6a997b0640fcbbf58bb0e1073f43c8acc7cc5f00
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 87KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc0
Size: 41KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE