6a5f7756d131090cdbb952ebebfba7fa[.]bin | Triage

Sharing

General

Target

6a5f7756d131090cdbb952ebebfba7fa.bin
Size

3.3MB
MD5

72aa857340105063936ee43d0a77cdfc
SHA1

64a0042d96d11871a4302f4354f15933f3054105
SHA256

e06c762010d5927006201dc45173b27744a9962875b3f760dc53ef74c8c065f2
SHA512

34130dec02e3fb5c6640f8f1105b3b2a85acd8c8ec612ae357e7acc21e209bfe8ce6a312515690323a862e49f7b3eb66cd0d9a5ee9dd47421f3b76b80d916330
SSDEEP

98304:+3qN/Dvxxrehh5qIN2z5wuqzete2qSuUR+yvf+d:+3+DvTSR30uuXR+yni

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

Processes:

resource	yara_rule
static1/unpack001/bb50582c7307bdbe993ddef313262e34c3ae2e7ab082c881b60956b87a6e37f4.exe	aspack_v212_v242

Files

6a5f7756d131090cdbb952ebebfba7fa.bin
.zip

Password: infected
bb50582c7307bdbe993ddef313262e34c3ae2e7ab082c881b60956b87a6e37f4.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 508KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE