ee51f4093c3065a617b1d26d9878dcb265591e9d1c26395fa9ecbde5b3a60eb3 | Triage

Sharing

General

Target

ee51f4093c3065a617b1d26d9878dcb265591e9d1c26395fa9ecbde5b3a60eb3
Size

714KB
MD5

5dd3b49634b977f6a61d463e87267030
SHA1

9b8a1d7635af45a972c003036098a08af98f90c9
SHA256

ee51f4093c3065a617b1d26d9878dcb265591e9d1c26395fa9ecbde5b3a60eb3
SHA512

0d4939681d66fa4c8361bba32d32731c1ad8bc8e540e1a3ac48d3708f0fb2c33e6298d065c647c3911ebe7faafffe39ec6e9841486b95eed5dc0a600708e0d46
SSDEEP

12288:bGzKzXZGYlfIUY8G3J5Pom7vAP5o206m9lNIDxByyl+cgCZfgyXjo7zU6RpGHNuo:5zpNAUy7splKWDntlmelc7AnI4

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs
Detects executables packed with ASPack v2.12-2.42
aspackv2

Processes:

resource yara_rule

sample aspack_v212_v242

Files

ee51f4093c3065a617b1d26d9878dcb265591e9d1c26395fa9ecbde5b3a60eb3
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 513KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 71KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 42KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 72KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE