b9ece540d65bc6fc15b2ca1dd8ab9ed0dcaeb206a0a9b00d10b35cabf86b5a5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9ece540d65bc6fc15b2ca1dd8ab9ed0dcaeb206a0a9b00d10b35cabf86b5a5b
Size

175KB
MD5

59486f85af42e53a56f0ba43646be149
SHA1

e7af88a9cddf101654a10ca662eda2ff8d64b48c
SHA256

b9ece540d65bc6fc15b2ca1dd8ab9ed0dcaeb206a0a9b00d10b35cabf86b5a5b
SHA512

1f5d4840fbf406c0e385dacf6323e84e310d6d286651c796a53decb588b50a94255c9fb0a116c28efa1ed193bba7bc433ad6dae30de9b9d2dc8f0e09323e334d
SSDEEP

3072:mQ08B5GeJ6UoK1bSTlmlHE5GeJ6UoK1bSTlmlHq:eN86UoK1bzlHn86UoK1bzlHq

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

b9ece540d65bc6fc15b2ca1dd8ab9ed0dcaeb206a0a9b00d10b35cabf86b5a5b
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xiaohui
Size: 40B - Virtual size: 40B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ