eb83af3caf734a28d55cc051d4682c861919fa96ef39118397b978bfee157346 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb83af3caf734a28d55cc051d4682c861919fa96ef39118397b978bfee157346
Size

395KB
MD5

43365797ba8c30b172444a0902daeee6
SHA1

654d0c1d60a0f79c85b1ea1d6551a69cc8c3a370
SHA256

eb83af3caf734a28d55cc051d4682c861919fa96ef39118397b978bfee157346
SHA512

567c7c40ee06556953a63e0435a87620967b84a6a44ca5c48651586ca40d21d41b00ee61060d0f7f6960acf85d8e22b7dae83ba7221612f2047fb8f2b8598502
SSDEEP

6144:WRkPhlTksA/0I1BqyIXCGO8k9mThMX+EESoM+zQ8qQ7MvwMC3CQotfT6zna:ckPfkY8eI8haXbESoMAQ8qNvcCQoxUa

Score

8^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

eb83af3caf734a28d55cc051d4682c861919fa96ef39118397b978bfee157346
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

Start
Update
Url
check_dll
��Ƿ��ֶ��
��ȡ��PID

Sections

.text
Size: 250KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 22KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE