8b5f1e3b81fc56d6ea012b873aaae7d9dfd812c6ad6a607060d40cd75b2c6f3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b5f1e3b81fc56d6ea012b873aaae7d9dfd812c6ad6a607060d40cd75b2c6f3e
Size

177KB
MD5

436f2723f752e85d3f27948ca44961a3
SHA1

9b01a5a83d0540184b7b1b5d0e043420d904e409
SHA256

8b5f1e3b81fc56d6ea012b873aaae7d9dfd812c6ad6a607060d40cd75b2c6f3e
SHA512

150c42431794ddecaec81f97d4be16b1df5c929166552ff7791c4159b96c80f7b2c931979adb0db2544e707442471ea443bbcfd168667a55a4924900328e785c
SSDEEP

3072:kfZ9SFUq9J3IIeR3NFQpoYPQwj4uwPdb9qFp1ExfWD50L9lcOzy8O2nAhUeA+0:kfehehQBQwNEdbEFQZW5m9iEAhdf0

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

8b5f1e3b81fc56d6ea012b873aaae7d9dfd812c6ad6a607060d40cd75b2c6f3e
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 141KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE