9fdf09727e35a501076a075f30cbaace0a9b22b69179c8b26f215b0285e497d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9fdf09727e35a501076a075f30cbaace0a9b22b69179c8b26f215b0285e497d9
Size

284KB
MD5

8bc058061f43a09970a26027fcf8b772
SHA1

580a49483cf06b0da5e79307b20358ae0b9bfb2f
SHA256

9fdf09727e35a501076a075f30cbaace0a9b22b69179c8b26f215b0285e497d9
SHA512

5434be89e8c7f0f9a1516d2abf320581781765381988029f528c96c4602e23de07a961e8906072686e6963c4d1f51772ecd2de62e7d3adf09ab53ddc55479fdc
SSDEEP

6144:aV+JTGkBFvsuyfDe9A1lxXs7tfQN5/inEaMadDKNa1aIGh:VcfD0AytfQunka1KNaT

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

9fdf09727e35a501076a075f30cbaace0a9b22b69179c8b26f215b0285e497d9
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

StartHook

Sections

Size: 78KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE