d35855f0a3f9173d76fb47563316243a9d319d186b3388ec3b002d9a64475c25 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d35855f0a3f9173d76fb47563316243a9d319d186b3388ec3b002d9a64475c25
Size

436KB
MD5

b1bbdaee2a65ba0a619e823ce6b92c80
SHA1

5cc20a8b889e6af9b995b9fd1114d489f737e0d0
SHA256

d35855f0a3f9173d76fb47563316243a9d319d186b3388ec3b002d9a64475c25
SHA512

eef1b2860e45f713c36986f3813f004aa1952ae75ade55944f226ac5807184f54bd1bd6eac993c6b828ee2bfd92c1cf52e1aba425a07b41eea977b537e3b0360
SSDEEP

12288:1lJrPgxK6WQ9B/LHv+HXJb3UCqLExIG/k3RikP5JB3:1Xr8KnQ9hveb3UC+GEckx3

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

d35855f0a3f9173d76fb47563316243a9d319d186b3388ec3b002d9a64475c25
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 412KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE