f5170f2600731e81eeb3228e9f008284a74d2b888158f2a2f8d4be486d00040e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f5170f2600731e81eeb3228e9f008284a74d2b888158f2a2f8d4be486d00040e
Size

329KB
MD5

f66e33a9ac67f9612f063c4cf1fd9ab5
SHA1

27696257048938715ef6d2acfe5cf5ba29e20c43
SHA256

f5170f2600731e81eeb3228e9f008284a74d2b888158f2a2f8d4be486d00040e
SHA512

8901eaa50bab84847eb7ed8a61cf7f6ac881777d1f073f73e0f1e7f575931282e6141114ba93b4fa7378d73a10d0b2a50b63d7010b6714b3031528d84ae365d8
SSDEEP

6144:jNqL21wUFtv3J7u2qUclasFqVq6AcaVfryZX75RHcrb4fljpPhj/aN3j6/ruvn:Bb1dFP7uhl7TvP2Xz6b4t1Phj/ouu

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

f5170f2600731e81eeb3228e9f008284a74d2b888158f2a2f8d4be486d00040e
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 263KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 26KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE