59d796e4994129050015aaa430434fc916828f5ba65a0e2aaed6d75f6235cbcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59d796e4994129050015aaa430434fc916828f5ba65a0e2aaed6d75f6235cbcc
Size

152KB
MD5

c5e71d544c1a52f51ed9cca56ed80316
SHA1

49a0051547a46fda06de2a52d8c4e781da1555ba
SHA256

59d796e4994129050015aaa430434fc916828f5ba65a0e2aaed6d75f6235cbcc
SHA512

4c1ba337c05635dfcdf9db8d5786bf78c780586d0f677f23724db9d81380aa98af0a5d5f921c2dce72ce79a4e1d9d1d1759aa89b9e19bf84a6eb78a56e3d05dc
SSDEEP

3072:ZEKvLsLAfdTV4rOGZoeCutv90CF33gE+wl/61/reU/nyypNW06:rTsLMVi7opuP0IJ7/6z9k06

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

59d796e4994129050015aaa430434fc916828f5ba65a0e2aaed6d75f6235cbcc
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 60KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 60KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE