f593c696a551c163c2d23b0a204d187b9120650faaaf0b375e067f177dbad55b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f593c696a551c163c2d23b0a204d187b9120650faaaf0b375e067f177dbad55b
Size

380KB
MD5

cb2b35ac9c396369657b1b3674f2f08e
SHA1

afa641b2d1bbfb75cf0766fe0c56a8132f223694
SHA256

f593c696a551c163c2d23b0a204d187b9120650faaaf0b375e067f177dbad55b
SHA512

f86d20e0c55b246f01d8c0a1a5d8c200831556d55f311f6b3ab4c3d4b56bc42e88c6c1dc8e657fb74b9d7e942b7e181cd80bc1530eb623c60b63c8c64c32a6f2
SSDEEP

6144:V9wWjD9zUe46ZqNpomgsmzCJsmRwU80EmUOUMP390u9tAWOB5Xnc:bwMD9h4JNBazCJpnEmUOUMvF9tAWO/

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

resource	yara_rule
sample	aspack_v212_v242

Files

f593c696a551c163c2d23b0a204d187b9120650faaaf0b375e067f177dbad55b
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

��ʼ��߳�

Sections

.text
Size: 245KB - Virtual size: 540KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE