db5b6b816979558a5866a3a339c10a6636af46c2afb9f1dda5b3b2cbea1bfaad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db5b6b816979558a5866a3a339c10a6636af46c2afb9f1dda5b3b2cbea1bfaad
Size

326KB
MD5

bd8934365ce39c2f0dd727e3c0fc4061
SHA1

10a6a80dc63f463245ad5df9f8760edbe5bacdc4
SHA256

db5b6b816979558a5866a3a339c10a6636af46c2afb9f1dda5b3b2cbea1bfaad
SHA512

609544f6d29f073018478a25bb8db6cc0f95737296de7d42a2fec2eef23a4a3cddf74235c5737e5c54130650d10c074837255ed3f8e3903984159b16309b547f
SSDEEP

6144:iHjMuILgM2u+nmzK6QgSuHL5vj6pNQpaXLebJlmppclK0seuo6b9rdA8x2:GNIEGpzK6FSkFv7paXLebJluGP6bldAT

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

db5b6b816979558a5866a3a339c10a6636af46c2afb9f1dda5b3b2cbea1bfaad
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CallGateWay

Sections

Size: 9KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE