0c1ca31779a8aeb0fdcb63608f28930949994dbf8bdd7b3cf5e2479abcd76ff8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c1ca31779a8aeb0fdcb63608f28930949994dbf8bdd7b3cf5e2479abcd76ff8
Size

799KB
MD5

6eb986bf8caa54ab77815683e525ff20
SHA1

0a485584cd7a8b8de50d6bfc4f5f9476a402d71d
SHA256

0c1ca31779a8aeb0fdcb63608f28930949994dbf8bdd7b3cf5e2479abcd76ff8
SHA512

8b5579920594668ae17b8dae5e9a277badd8c5ea1f0bc115a51ace0f313a099f6b88050efce5f0f2f4530a0009e0bd80f0f7b540355d5d1e225e5b2182f4565b
SSDEEP

24576:tmBMwqh3tYv33HDQTP3UP5YroXf1inzpRBH:tHhdYvnDQTP3yXf0zpRBH

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

0c1ca31779a8aeb0fdcb63608f28930949994dbf8bdd7b3cf5e2479abcd76ff8
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 393KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 138KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 153KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 104KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE