ef60e886f7eabce0583e109cc9b94cc3a757596bc5437490b03d2ce84ec3724f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef60e886f7eabce0583e109cc9b94cc3a757596bc5437490b03d2ce84ec3724f
Size

209KB
MD5

ffefdd44531c6c23827817d979608244
SHA1

c5349d8100bb1cca17ecd82661b05d5e12c06a39
SHA256

ef60e886f7eabce0583e109cc9b94cc3a757596bc5437490b03d2ce84ec3724f
SHA512

69720565ca5a48346662c73af77270ed75402b66007a8f07b0bf4d8dd66c102f111c6b16588fe4e6342423d48d8051a63985eae0ba52ed3e96abbad970af69ee
SSDEEP

6144:7PQRQzdlc+zDIO0a9gWQlA5TwNle1EwysIcgMc:7PQRTocO0a9gWQlA5sNg1pbc

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

ef60e886f7eabce0583e109cc9b94cc3a757596bc5437490b03d2ce84ec3724f
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 176KB - Virtual size: 464KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.newIID
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE